Hacking Team, Which Sells Surveillance Tech To Governments, Exposed By Major Hack

One of the technology world’s most notorious providers of surveillance and intrusion software has found itself on the wrong end of an embarrassing hack.

A range of sensitive documents belonging to Italy-based Hacking Team, which is known for working with governments worldwide, appeared to leak out over the weekend, including email communications and client lists. The hackers, who remain unidentified at this time, also took over the group’s Twitter account, using it to post screenshots of emails and other details, as CSO first reported.

Hacking Team is a mysterious organization which has long been thought to sell tracking and hacking software to governments, particularly those in developing markets. The organization describes itself as providing “effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities”. One tool that it is known to offer is Davinci, a service marketed at law enforcement organization that can purportedly access SMS, emails, web browsing and more to locate specific targets.

Last year, the organization denied selling technology to “any repressive regime” following a report from a report from Citizen Lab, but early leaks of the files — which weigh it at over 400GB — appear to show government contracts with Kazahkstan, Sudan, Russia, Saudi Arabia and others.

Hacking Team never sold to Sudan? Here's the instructions for the 480,000 Euro wire transfer. cc @hackingteam pic.twitter.com/JqexHpvb3s

— Eva (@evacide) July 6, 2015

In addition, it seems that the company also sold software to private companies. That was something that it denied doing in the past.

Yup, I guess @hackingteam really did sell their RCS Exploit software to private companies in Brazil. pic.twitter.com/1ZYLiwC5LX

— John Adams (@netik) July 6, 2015

Further email correspondence appears to show Hacking Team acknowledge that it supplied technology to Ethiopian authorities which was subsequently used to spy on journalists and activists, per another report from Citizen Lab.

In an apparent leaked note posted to Twitter, Hacking Team COO Giancarlo Russo acknowledged the potential that the client had abused its software, but appeared to bury any concerns around ethics by explaining that a flag had been raised by “two of the newest guys… who may be frightened by this kind of press.”

https://twitter.com/hackingteam/status/617968539106979840

A further list, posted to Pastebin, claims to show the organization’s client list, which includes government agencies from Australia, Egypt, Malaysia, Mexico, Singapore, Spain, Thailand, Turkey and UAE. The Verge reported in 2013 that Hacking Team made a major push to lure U.S.-based clients, and according to this list, the FBI and Drug Enforcement Agency had engaged Hacking Team’s services at one point.

Many of the security community may enjoy the irony that Hacking Team, which is listed on Reporter’s Without Borders’ ‘Enemies Of The Internet’ list, is being exposed so publicly, but there’s a genuine concern that if the organization’s source codes are indeed part of the leaked documentation — which experts are still looking over — then that could grant widespread access to some very powerful tools.

Hacking Team founder Christian Pozzi claimed on Twitter that the hackers falsified information about the company’s services and clients, adding that the company is working with police on the issue.

https://twitter.com/christian_pozzi/status/617964660705234944

A further tweet appeared to suggest that the company is shutting down, but it isn’t clearly whether that is genuine or just a reaction to the outpouring of company information into the public domain.

https://twitter.com/christian_pozzi/status/617977993760272384

Update: Pozzi has deleted his Twitter account.