International Spyware Company Hacked: Flash Exploits Sold to Intel Agencies
The irony is quite strong in this one: Italy-based Hacking Team, an international spyware company that provides surveillance technology to government agencies, was hacked. More than 400 GBs of internal data was published as a Torrent file on Sunday evening, in addition to a full list of the company’s clients on Pastebin.
Those clients include different intelligence agencies from countries around the world, including Egypt, Saudi Arabia, South Korea, Turkey, Uzbekistan and many more. The U.S. Federal Bureau Investigations (FBI) and Drug Enforcement Agency (DEA) are also among the spyware company’s list of active clients.
Wired ran a story on the FBI’s total expenditures at Hacking Team. They also noted that many repressive regimes have purchased the same software, including Sudan and Bahrain. The software, Remote Control Service (RCS), has been used to target Washington, D.C. journalists; a Moroccan media outlet; and a United Arab Emirates human rights activist.
In addition to switching on a target’s computer camera and microphone, RCS can capture private data, including emails, instant messages and passwords typed into web browsers. Again, strong, unique passwords are not always enough to protect you from remote attackers, particularly if they’re of the government surveillance regime types. NPR has verified that at least some of the hacked personal passwords do check out.
Since passwords aren’t enough, check out how two-factor authentication can protect your personal and company accounts.
A deeper analysis of the data dump by TrendMicro researchers reveals that at least three exploits were bundled into a package sold to clients, including two Flash Player exploits and one for Windows kernel. These vulnerabilities do not have CVE (Common Vulnerabilities and Exposures) numbers yet.
Yes, there is the obvious editorial commentary on the irony of a government reprimanding individuals for conducting security research for the greater good while the government itself is buying hacking software for their own nefarious means.
But it’s also kind of interesting the other points this data dump reveals - that government intel agencies of all types (including super repressive ones) are buying the same spy software and that the spyware is used to target journalists. CNN Money’s headline, This company sells spy tools to evil governments, makes no qualms about it.
Letters from the U.N. panel overseeing sanctions revealed that they considered Hacking Team’s software as prohibited military equipment, as The Wall Street Journal reported.
This data leak is even more interesting in the discussion of the international arms control pact, the Wassenaar Arrangement, that would restrict the export of exploits and other computer intrusion software.