Italian cybersecurity company Hacking Team was hacked on Sunday, resulting in the public leak of over 400GB of sensitive information. The Twitter and data takeover included the publishing of client emails, sensitive employee information, source codes and more, revealing the company’s shady dealings with blacklisted governments.
Perhaps the name was just asking for it. “Hacking Team” is an Italy-based company that provides offensive cybersecurity solutions to governments and intelligence agencies across the globe. It appears someone had a serious bone to pick with the security firm, as the organization was hacked on Sunday. The leak resulted in more than 400 GB of data being made public, including two of the most effective malware bugs that can gain access to almost every major operating system and browser through Adobe.
The incident began with a questionable Twitter post that read, “Since we have nothing to hide, we’re publishing all our e-mails, files and source code.” The post also conveniently provided a link to the files, where anyone in the world could download the private information for free.
The leak included client emails, source codes, invoices, company documents and sensitive employee information. The hackers revealed themselves on Monday and claim to be the same ‘vigilante’ team that hacked Gamma International last year. It was initially unclear as to why anyone would go through all of the trouble to embarrass Hacking Team – a company that claims it always plays by the rules – until now.
The leak aired out Hacking Team’s dirty laundry, so to speak, regarding the company’s secret dealings with countries that execute human rights violations and other international crimes. The security firm claimed it never initiated dealings with countries that were blacklisted by the US, EU or NATO, but the leaked files prove otherwise.
An Excel spreadsheet with information about client management went public through the hack, revealing Hacking Team service agreements with Morocco, The United Arab Emirates, Kazakhstan, Azerbaijan, Sudan and even invoices from groups within Egypt. It is unclear exactly which services were provided to the shady governments, but the dealings alone indicate that Hacking Team hasn’t exactly been honest in its business ventures. Regardless, the hack was successful in embarrassing the Italian company, but is unlikely to result in a serious decline in business. One leak, however, may come back to bite us.
Hidden in Hacking Team’s source code was a list of two significant Adobe vulnerabilities, which have allowed the company to gain access to almost any company running Adobe products on Windows, OS X and Linux. The vulnerabilities also target browsers running Adobe solutions, including Firefox, Chrome, Internet Explorer and Safari, allowing hackers to gain access as Administrator. The leak essentially handed hackers a new tool belt, on a silver platter, enabling anyone to take over any computer running Adobe worldwide. Adobe commented, stating it would fix the vulnerability immediately, but unfortunately for them, this isn’t the first security breach targeting the company’s software solutions.
Hacking Team has yet to comment on the hacking ordeal. It’s website is back up and running as of the posting of this article, and it’s unclear as to whether or not the organization will make a public statement. Reporters Without Borders calls Hacking Team an “enemy of the Internet,” because of its shady dealings with human rights violators. On the other side of the coin, however, as a business owner in any industry, it is difficult to refuse business with a high-paying client, even if their money is colored red.
C
See more news at:
