January 22, 2019, 06:54:22 PM

Author Topic: Italian "Cyber Arms Dealer" Hacking Team, has been hacked  (Read 8986 times)

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Italian "Cyber Arms Dealer" Hacking Team, has been hacked
« on: July 06, 2015, 11:18:31 PM »
The Shady World of Cyber Arms Dealing Exposed.

Italian spyware company Hacking Team (HT), has been hacked and reportedly over 400GB of data has been exfiltrated including company emails, financial data, software documentation, and even the source code. This will be an open thread to document the leak so check back as new stories arise. With this much data being dumped onto the web, it will take time for people to sift through and investigate. But read on for a peek inside the shady world of commercial spyware, priced just right for a small country or a large police force.

Browse the leak - https://ht.transparencytoolkit.org/
HT clients & codenames - http://pastebin.com/MP8zpQ26


[youtube]https://www.youtube.com/watch?v=R63CRBNLE2o[/youtube]


WHAT YOU NEED TO KNOW

* Hacking Team (HT), an Italian company which has been labeled as a "cyber arms dealer," was hacked on July 5th, 2015, and had over 400GB of internal company data dumped onto the internet. (Source)

* The original leak came from the companies twitter account itself which was hacked. (Source)

* Anti-surveillance hacker PhineasFisher has claimed responsibility for the massive data breach. This is the same hacker that last year claimed responsibility for breaching cyber surveillance dealer Gamma International. Hacking Team spokesman Eric Rabe has issued a statement to VICE's Motherboard saying that, "we don?t think this was the work of just some random guy." (Source)

* HT flagship product is called "Remote Control System," or RCS for short. It is off-the-shelf surveillance spyware that can be implanted on almost all computers and mobile devices. Once the spyware is installed, it can track a "target's" movement, monitor their web browsing, record their phone and VoIP calls, activate cameras, steal emails and Instant messages, log typing, mine address books for contacts, and scoop up usernames and passwords. This is all done before any data can be encrypted. All the information is plugged into the RCS software which builds an information profile and surveillance social network about an individual and his/her associates. (Source)

* The RCS spyware can be implanted on your smart phone, tablet, or computer through "wifi networks, USB sticks, and email attachments." It could also be planted at an Internet Service Provider's hub,  or even on the WiFi network at your local Starbucks, infecting devices which connect according to leaked manuals. (Source)

* The RCS surveillance software has largely been sold to governments around the world, including those ruled by repressive regimes. Leaked documents indicate the following governments are clients of Hacking Team: Egypt, Ethiopia, Morocco, Nigeria, Sudan, Chile, Colombia, Ecuador, Honduras, Mexico, Panama, United States, Azerbaijan, Kazakhstan, Malaysia, Mongolia, Singapore, South Korea, Thailand, Uzbekistan, Vietnam, Australia, Cyprus, Czech Republic, Germany, Hungary, Italy, Luxemburg, Poland, Russia, Spain, Switzerland, Bahrain, Oman, Saudi Arabia, United Arab Emirates. (Source)

* HT was trying to rapidly expand into the North American market in 2015, with attempts to incorporate HT USA, Inc.  Prospective clients for the U.S. push included the DEA, DOJ, FBI, NCIS, Naval Intelligence, DANY, ATF, and the Canadian Mounted Police (RCMP). (Source)

* In the U.S. the FBI has spent $775,000 on HT's spy tools since 2011 according to leaked documents. (Source)
« Last Edit: July 08, 2015, 05:22:50 PM by Mr.X »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #1 on: July 06, 2015, 11:21:14 PM »
Leaked Documents Show FBI, DEA and U.S. Army Buying Italian Spyware
https://firstlook.org/theintercept/2015/07/06/hacking-team-spyware-fbi

As usual, The Intercept article goes on forever, so I will break down the salient points.

  • Hacking Team's (HT) spyware has been marketed to law enforcement in New York City (NYPD), Arizona, California, and Florida.
  • U.S. Government entities like the CIA, DHS, and the Pentagon have all been pitched by HT.
  • HT's spyware is called "Remote Control System", or RCS for short, and also goes by the name "Galileo".
  • The FBI has been using the RCS software since 2011 according to a leaked invoice, possibly for its shadowy Remote Operations Unit. Also FBI's National Domestic Communications Assistance Center has shown interest in RCS.
  • Leaked emails show that some potential U.S. clients worried about the legality of the powerful spyware.
  • HT refers to its clients by code names, due to sensitivity. DEA known as "Katie." FBI known as "Phoebe." CIA known as "Marianne."
  • DEA provided funds for the purchase in 2012 of RCS for foreign government of Colombia, and administered it jointly with Colombian law enforcement.
  • HT affiliate companies: Robotec=Latin America; SS8=USA; Cicom=USA.
  • RCS spyware once planted on a device can circumvent encryption by grabbing data before it encrypted and sent, or after it is received and unencrypted.
  • Army has bought RCS software, no specific department has been identified yet, but the are stationed at Fort Meade.
  • HT was planning major push into U.S. market recently.
  • San Bernadino, CA, was being used as a live test pilot for the RCS software. Judge was asked for a warrant to use the spyware.

Documents released by Intercept:
https://www.documentcloud.org/documents/2157732-san-bernardino.html
https://www.documentcloud.org/documents/2157726-maricopa-county-attorneys-office.html
https://www.documentcloud.org/documents/2157727-meeting-with-metropolitan-bureau-of.html
https://www.documentcloud.org/documents/2157737-san-bernadino-react.html
https://www.documentcloud.org/documents/2157718-fort-meade-dcis.html
https://www.documentcloud.org/documents/2157704-cancelling-nypd.html
https://www.documentcloud.org/documents/2157713-dhs.html
https://www.documentcloud.org/documents/2157714-eric-chuang.html
https://www.documentcloud.org/documents/2157715-fbi-client.html
https://www.documentcloud.org/documents/2157708-code-names-fbi-and-dea.html
https://www.documentcloud.org/documents/2157705-cia-marianne.html
https://www.documentcloud.org/documents/2158002-d-client-katie.html
https://www.documentcloud.org/documents/2157717-foreign-angle.html
https://www.documentcloud.org/documents/2157709-configuration-dea-2.html
https://www.documentcloud.org/documents/2157724-katie-local-use-phoebe-exposed.html
https://www.documentcloud.org/documents/2157730-robotec-dea.html
https://www.documentcloud.org/documents/2157734-well-known-bad-guy.html
https://www.documentcloud.org/documents/2157725-local-law-enforcement-agencies-in-the-us.html
https://www.documentcloud.org/documents/2157729-precisely-what-we-do.html
https://www.documentcloud.org/documents/2157731-s-bernardino-is-the-best-pilot.html
https://www.documentcloud.org/documents/2157711-dany-galilelo-budgetary-proposal-150414.html
https://www.documentcloud.org/documents/2157703-150224-project-patti-final-report.html
https://www.documentcloud.org/documents/2157728-meeting-with-ndcac.html
https://www.documentcloud.org/documents/2157702-phoebe-meeting-in-quantico.html
https://www.documentcloud.org/documents/2157771-future-fbi.html
https://www.documentcloud.org/documents/2157716-ferrari-beretta-rcs.html
« Last Edit: July 07, 2015, 12:01:52 AM by Mr.X »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #2 on: July 07, 2015, 12:05:51 AM »
Phineas Fisher Claims Responsibility for HT Hack
http://motherboard.vice.com/read/hacker-claims-responsibility-for-the-hit-on-hacking-team

Same person who claimed to hack and leak 40GBs of data on surveillance company Gamma International in 2014.



Hacking Team: the Hack on Us Was Not Done by 'Some Random Guy'
http://motherboard.vice.com/read/hacking-team-the-hack-on-us-was-not-done-by-some-random-guy

Hacking Team spokeshole says random guy pulling off sophisticated hack not likely...
« Last Edit: July 08, 2015, 05:20:45 PM by Mr.X »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #3 on: July 07, 2015, 12:32:05 AM »
Further details on RCS software and what it does from leaked manuals
https://firstlook.org/theintercept/2014/10/30/hacking-team/
https://citizenlab.org/2014/06/backdoor-hacking-teams-tradecraft-android-implant/

Here is the bullet point list of the important details on the Remote Control System (RCS) spyware.


  • RCS is off-the-shelf, ready to go spyware that can be implanted on a digital device and can then monitor it in real-time.
  • Leaked manuals show how the RCS software can be used to "activate cameras, exfiltrate emails, record Skype calls, log typing, and collect passwords on targeted device."
  • Can infect devices by using "wifi networks, USB sticks, streaming video, and email attachments to deliver viral installers."
  • Company claims they only sell to governments and law enforcement agencies who are not on any "blacklists."
  • RCS spyware could be planted with Internet Service Providers, or even on the WiFi at your local Starbucks, infecting any devices that connect to it, according to leaked manuals.
  • RCS can be planted on any of the following systems, according to leaked manuals: OSX, Windows, Android, Blackberry, iOS, Symbian, and Windows Mobile.
  • RCS can sort through a targets contacts and link them automatically to a "profile."
  • Can tell your physical location.






RCS Manuals Released:
https://s3.amazonaws.com/s3.documentcloud.org/documents/1348004/rcs-9-analyst-final.pdf
https://s3.amazonaws.com/s3.documentcloud.org/documents/1348003/rcs-9-admin-final.pdf
https://s3.amazonaws.com/s3.documentcloud.org/documents/1348002/rcs-9-technician-final.pdf
https://s3.amazonaws.com/s3.documentcloud.org/documents/1348001/rcs-9-sysadmin-final.pdf
https://s3.amazonaws.com/s3.documentcloud.org/documents/1347999/invisibility-report-9-0-final.pdf
https://s3.amazonaws.com/s3.documentcloud.org/documents/1347998/remote-control-system-9-0-changelog-final.pdf
https://s3.amazonaws.com/s3.documentcloud.org/documents/1348000/remote-control-system-9-1-changelog-final.pdf
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #4 on: July 07, 2015, 12:33:43 AM »
The FBI Spent $775K on Hacking Team?s Spy Tools Since 2011
http://www.wired.com/2015/07/fbi-spent-775k-hacking-teams-spy-tools-since-2011/
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
« Last Edit: July 07, 2015, 05:11:44 PM by Mr.X »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #6 on: July 07, 2015, 12:49:14 AM »
The HT Leak in Pictures
http://www.csoonline.com/article/2944732/data-breach/in-pictures-hacking-teams-hack-curated.html

Lots and lots of little nuggets being pryed open form this massive data leak. Will post bullet points as soon as possible.
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #7 on: July 07, 2015, 12:54:49 AM »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #8 on: July 07, 2015, 11:45:48 AM »
HT software "went missing" in Panama after 2014 presidential election
http://motherboard.vice.com/read/hacking-teams-equipment-got-stolen-in-panama
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #9 on: July 07, 2015, 11:47:40 AM »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #10 on: July 07, 2015, 11:52:37 AM »
Spy gadget catalogues found in HT leak
https://ht.transparencytoolkit.org/rcs-dev%5Cshare/Documentation/Gamma/ELAMAN/elamancat/

Everything from micro surveillance cameras, vehicle tracking, to lock picking.
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #11 on: July 07, 2015, 11:54:03 AM »
« Last Edit: July 07, 2015, 11:55:56 AM by Mr.X »
Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #12 on: July 07, 2015, 11:57:49 AM »
RCS Invisibility Report: See if your anti-virus could detect government spyware
https://twitter.com/Te_Taipo/status/618242536411394048/photo/1

SPOILER ALERT: Not Likely.

Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #13 on: July 07, 2015, 12:02:52 PM »
HT one month before hack: CEO jokes about major leak
https://twitter.com/rj_gallagher/status/618158437130702848/photo/1

Calls his companies software "evilest technology on Earth."



Open Source Intelligence

BuddhaForce

  • Staff
  • Full Member
  • *****
  • Posts: 103
    • View Profile
Re: Italian SpyWare company Hacking Team Hacked
« Reply #14 on: July 07, 2015, 12:09:54 PM »
« Last Edit: July 07, 2015, 12:14:54 PM by Mr.X »
Open Source Intelligence

Tags: