HackingTeam

Last updated

HackingTeam
Industry Information technology
Founded2003
FoundersDavid Vincenzetti, Valeriano Bedeschi
Defunct2020
FateDissolved
Headquarters
Milan
,
Italy
ProductsSoftware (IT-Security)
BrandsHackingTeam
Website HackingTeam.it (offline)

HackingTeam was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. [1] Its "Remote Control Systems" enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. [2] The company has been criticized for providing these capabilities to governments with poor human rights records, [3] though HackingTeam states that they have the ability to disable their software if it is used unethically. [4] [5] The Italian government has restricted their licence to do business with countries outside Europe. [6]

Contents

HackingTeam employs around 40 people in its Italian office, and has subsidiary branches in Annapolis, Washington, D.C., and Singapore. [7] Its products are in use in dozens of countries across six continents. [8]

Company foundation

HackingTeam was founded in 2003 by Italian entrepreneurs Vincenzetti and Valeriano Bedeschi. In 2007 the company was invested by two Italian VC: Fondo Next and Innogest. [9]

The Milan police department learned of the company. Hoping to use its tool to spy on Italian citizens and listen to their Skype calls, the police contacted Vincenzetti and asked him to help. [10] HackingTeam became "the first sellers of commercial hacking software to the police”.

According to former employee Byamukama Robinhood, the company began as security services provider, offering penetration testing, auditing and other defensive capabilities to clients. [11] Byamukama states that as malware and other offensive capabilities were developed and accounted for a larger percentage of revenues, the organization pivoted in a more offensive direction and became increasingly compartmentalized. Byamukama claims fellow employees working on aspects of the same platform – for example, Android exploits and payloads – would not communicate with one another, possibly leading to tensions and strife within the organization. [11]

In February 2014, a report from Citizen Lab identified the organisation to be using hosting services from Linode, Telecom Italia, Rackspace, NOC4Hosts and bullet proof hosting company Santrex. [12]

On 5 July 2015 the company suffered a major data breach of customer data, software code, internal documents and e-mails. (See: § 2015 data breach )

On 2 April 2019 HackingTeam was acquired by InTheCyber Group to create Memento Labs. [13]

Products and capabilities

Hacking Team enables clients to perform remote monitoring functions against citizens via their RCS (remote control systems), including their Da Vinci and Galileo platforms: [1]

  • Capture audio and video stream from device memory to bypass cryptography of Skype sessions [14]
  • Use microphones on device to collect ambient background noise and conversations

HackingTeam uses advanced techniques to avoid draining cell phone batteries, which could potentially raise suspicions, and other methods to avoid detection. [18] [19]

The malware has payloads for Android, [16] BlackBerry, Apple iOS, Linux, Mac OS X, Symbian, as well as Microsoft Windows, Windows Mobile and Windows Phone class of operating systems. [20]

RCS is a management platform that allows operators to remotely deploy exploits and payloads against targeted systems, remotely manage devices once compromised, and exfiltrate data for remote analysis.

Controversies

Use by repressive governments

HackingTeam has been criticized for selling its products and services to governments with poor human rights records, including Sudan, Bahrain, Venezuela, and Saudi Arabia. [21]

In June 2014, a United Nations panel monitoring the implementation of sanctions on Sudan requested information from HackingTeam about their alleged sales of software to the country in contravention of United Nations weapons export bans to Sudan. Documents leaked in the 2015 data breach of HackingTeam revealed the organization sold Sudanese National Intelligence and Security Service access to their "Remote Control System" software in 2012 for 960,000 Euros. [21]

In response to the United Nations panel, the company responded in January 2015 that they were not currently selling to Sudan. In a follow-up exchange, HackingTeam asserted that their product was not controlled as a weapon, and so the request was beyond the scope of the panel. There was no need for them to disclose previous sales, which they considered confidential business information. [21]

The U.N. disagreed. "The view of the panel is that as such software is ideally suited to support military electronic intelligence (ELINT) operations it may potentially fall under the category of 'military ... equipment' or 'assistance' related to prohibited items," the secretary wrote in March. "Thus its potential use in targeting any of the belligerents in the Darfur conflict is of interest to the Panel." [21] [22]

In the fall of 2014, the Italian government abruptly froze all of HackingTeam's exports, citing human rights concerns. After lobbying Italian officials, the company temporarily won back the right to sell its products abroad. [21]

2015 data breach

On July 5, 2015, the Twitter account of the company was compromised by an unknown individual who published an announcement of a data breach against HackingTeam's computer systems. The initial message read, "Since we have nothing to hide, we're publishing all our e-mails, files, and source code ..." and provided links to over 400 gigabytes of data, including alleged internal e-mails, invoices, and source code; which were leaked via BitTorrent and Mega. [23] An announcement of the data breach, including a link to the bittorrent seed, was retweeted by WikiLeaks and by many others through social media. [24] [25]

The material was voluminous and early analysis appeared to reveal that HackingTeam had invoiced the Lebanese Army [26] and Sudan and that spy tools were also sold to Bahrain and Kazakhstan. [25] HackingTeam had previously claimed they had never done business with Sudan. [27]

The leaked data revealed a zero-day cross-platform Flash exploit (CVE number: CVE - 2015-5119. [28] The dump included a demo of this exploit by opening Calculator from a test webpage. [29] [30] [31] Adobe patched the hole on July 8, 2015. [32] Another vulnerability involving Adobe was revealed in the dumps, which took advantage of a buffer overflow attack on an Adobe Open Type Manager DLL included with Microsoft Windows. The DLL is run in kernel mode, so the attack could perform privilege escalation to bypass the sandbox. [33]

Also revealed in leaked data was HackingTeam employees' use of weak passwords, including 'P4ssword', 'wolverine', and 'universo'. [34]

After a few hours without response from HackingTeam, member Christian Pozzi tweeted the company was working closely with police and "what the attackers are claiming regarding our company is not true." [35] [36] He also claimed the leaked archive "contains a virus" and that it constituted "false info". [37] Shortly after these tweets, Pozzi's Twitter account itself was apparently compromised. [38]

Responsibility for this attack was claimed by the hacker known as "Phineas Fisher" (or Phisher) on Twitter. [39] Phineas has previously attacked spyware firm Gamma International, who produce malware, such as FinFisher, for governments and corporations. [40] In 2016, Phineas published details of the attack, in Spanish and English, as a "how-to" for others, and explained the motivations behind the attack. [41] [42]

The internal documents revealed details of HackingTeam's contracts with repressive governments. [43] In 2016, the Italian government again revoked the company's license to sell spyware outside of Europe without special permission. [6] [44]

Use by Mexican drug cartels

Corrupt Mexican officials have helped drug cartels obtain state-of-the-art spyware (including Hacking Team spyware). The software has been used to target and intimidate Mexican journalists by drug cartels and cartel-entwined government actors. [45]

Customer list

HackingTeam's clientele include not just governments, but also corporate clients such as Barclays and British Telecom (BT) of the United Kingdom, as well as Deutsche Bank of Germany. [1]

A full list of HackingTeam's customers were leaked in the 2015 breach. Disclosed documents show HackingTeam had 70 current customers, mostly military, police, federal and provincial governments. The total company revenues disclosed exceeded 40 million Euros. [46] [47] [48] [49] [50] [51]

On Sep 8, 2021, SentinelLABS released a research report about a Turkish threat actor EGoManiac, that used Remote Control System (RCS), software from the Italian infosec firm Hacking Team, which was operated between 2010 and 2016 and campaign run by Turkish TV journalists at OdaTV for spying Turkish police. [52]

Overview of Hacking Team customers
CustomerCountryAreaAgencyYear of first saleAnnual maintenance feesTotal client revenues
Polizia Postale e delle Comunicazioni [53] ItalyEuropeLEA2004€100,000€808,833
Centro Nacional de Inteligencia [54] Spain EuropeIntelligence2006€52,000€538,000
Infocomm Development Authority of Singapore Singapore APACIntelligence2008€89,000€1,209,967
Information Office Hungary EuropeIntelligence2008€41,000€885,000
CSDN Morocco MEAIntelligence2009€140,000€1,936,050
UPDF (Uganda Peoples Defense Force), ISO (Internal Security Organization), Office of the President Uganda AfricaIntelligence2015€731,000€920,197
Italy - DA - RentalItalyEuropeOther2009€50,000€628,250
Malaysian Anti-Corruption Commission Malaysia APACIntelligence2009€77,000€789,123
PCMItalyEuropeIntelligence2009€90,000€764,297
SSNS - UngheriaHungaryEuropeIntelligence2009€64,000€1,011,000
CC - ItalyItalyEuropeLEA2010€50,000€497,349
Al Mukhabarat Al A'amah Saudi Arabia MEAIntelligence2010€45,000€600,000
IR Authorities (Condor) Luxembourg EuropeOther2010€45,000€446,000
La Dependencia y/o CISEN [55] Mexico LATAMIntelligence2010€130,000€1,390,000
UZC [56] Czech Republic EuropeLEA2010€55,000€689,779
Egypt - MOD [56] Egypt MEAOther2011€70,000€598,000
Federal Bureau of Investigation [57] USANorth AmericaLEA2011€100,000€697,710
Oman - Intelligence Oman MEAIntelligence2011€30,000€500,000
President Security [58] [59] Panama LATAMIntelligence2011€110,000€750,000
Turkish National Police Turkey EuropeLEA2011€45,000€440,000
UAE - MOI UAE MEALEA2011€90,000€634,500
National Security Service [56] Uzbekistan EuropeIntelligence2011€50,000€917,038
Department of Defense [57] USANorth AmericaLEA2011€190,000
Bayelsa State Government Nigeria MEAIntelligence2012€75,000€450,000
Estado de MexicoMexicoLATAMLEA2012€120,000€783,000
Information Network Security Agency Ethiopia MEAIntelligence2012€80,000€750,000
State security (Falcon)LuxemburgEuropeOther2012€38,000€316,000
Italy - DA - RentalItalyEuropeOther2012€60,000€496,000
MAL - MIMalaysiaAPACIntelligence2012€77,000€552,000
Direction générale de la surveillance du territoire MoroccoMEAIntelligence2012€160,000€1,237,500
National Intelligence and Security Service [56] Sudan MEAIntelligence2012€76,000€960,000
Russia - KVANT [60] Russia EuropeIntelligence2012€72,000€451,017
Saudi - GIDSaudiMEALEA2012€114,000€1,201,000
SIS of National Security Committee of Kazakhstan [56] Kazakhstan EuropeIntelligence2012€140,000€1,012,500
The 5163 Army Division (Alias of South Korean National Intelligence Service) [56] [61] [62] S. Korea APACOther2012€67,000€686,400
UAE - Intelligence UAE MEAOther2012€150,000€1,200,000
Central Intelligence Agency USANorth AmericaIntelligence2011
Drug Enforcement Administration [57] [63] USANorth AmericaOther2012€70,000€567,984
Central Anticorruption Bureau Poland EuropeLEA2012€35,000€249,200
MOD SaudiSaudiMEAOther2013€220,000€1,108,687
PMOMalaysiaAPACIntelligence2013€64,500€520,000
Estado de QuerétaroMexicoLATAMLEA2013€48,000€234,500
National Security Agency [56] Azerbaijan EuropeIntelligence2013€32,000€349,000
Gobierno de PueblaMexicoLATAMOther2013€64,000€428,835
Gobierno de CampecheMexicoLATAMOther2013€78,000€386,296
AC Mongolia Mongolia APACIntelligence2013€100,000€799,000
Dept. of Correction Thai Police Thailand APACLEA2013€52,000€286,482
National Intelligence Secretariat [64] Ecuador LATAMLEA2013€75,000€535,000
Police Intelligence Directorate[ citation needed ] Colombia LATAMLEA2013€35,000€335,000
Guardia di Finanza ItalyEuropeLEA2013€80,000€400,000
Intelligence [65] Cyprus EuropeLEA2013€40,000€375,625
MidWorld [66] Bahrain MEAIntelligence2013€210,000
Mexico - PEMEXMexicoLATAMLEA2013€321,120
Malysia KMalaysiaAPACLEA2013€0
Honduras Honduras LATAMLEA2014€355,000
Mex TaumalipasMexicoLATAM2014€322,900
Secretaría de Planeación y FinanzasMexicoLATAMLEA2014€91,000€371,035
AREAItaliaEurope2014€430,000
Mexico YucatánMexicoLATAMLEA2014€401,788
Mexico DurangoMexicoLATAMLEA2014€421,397
Investigations Police of Chile Chile LATAMLEA2014€2,289,155
Jalisco MexicoMexicoLATAMLEA2014€748,003
Royal Thai Army ThailandAPACLEA2014€360,000
Vietnam GD5 Vietnam APAC2014€281,170
Kantonspolizei Zürich SwitzerlandEuropeLEA2014€486,500
Vietnam GD1VietnamAPACLEA2015€543,810
Egypt TRD GNSEEgyptMEALEA2015€137,500
Lebanese Army Lebanon MEALEA2015
Federal Police Department BrazilLATAMLEA2015
National Anticorruption Directorate Romania DNAIntelligence2015
State Informative Service [67] Albania EuropeSHIK2015
Danish National Police [68] DenmarkEurope2015€570,000

See also

Related Research Articles

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive access to information, or which unknowingly interferes with the user's computer security and privacy. Researchers tend to classify malware into one or more sub-types.

Spyware is any software with malicious behavior that aims to gather information about a person or organization and send it to another entity in a way that harms the user by violating their privacy, endangering their device's security, or other means. This behavior may be present in malware and in legitimate software. Websites may engage in spyware behaviors like web tracking. Hardware devices may also be affected.

Cyberwarfare by Russia includes denial of service attacks, hacker attacks, dissemination of disinformation and propaganda, participation of state-sponsored teams in political blogs, internet surveillance using SORM technology, persecution of cyber-dissidents and other active measures. According to investigative journalist Andrei Soldatov, some of these activities were coordinated by the Russian signals intelligence, which was part of the FSB and formerly a part of the 16th KGB department. An analysis by the Defense Intelligence Agency in 2017 outlines Russia's view of "Information Countermeasures" or IPb as "strategically decisive and critically important to control its domestic populace and influence adversary states", dividing 'Information Countermeasures' into two categories of "Informational-Technical" and "Informational-Psychological" groups. The former encompasses network operations relating to defense, attack, and exploitation and the latter to "attempts to change people's behavior or beliefs in favor of Russian governmental objectives."

Trellix is a privately held cybersecurity company that was founded in 2022. It has been involved in the detection and prevention of major cybersecurity attacks. It provides hardware, software, and services to investigate cybersecurity attacks, protect against malicious software, and analyze IT security risks.

<span class="mw-page-title-main">Kaspersky Lab</span> Russian multinational cybersecurity and anti-virus provider

Kaspersky Lab is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.

Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors- individuals, competitors, rivals, groups, governments, and others- in order to obtain personal, economic, political or military advantages. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.

Cyberwarfare by China is the aggregate of all combative activities in the cyberspace which are taken by organs of the People's Republic of China, including affiliated advanced persistent threat (APT) groups, against other countries.

HBGary is a subsidiary company of ManTech International, focused on technology security. In the past, two distinct but affiliated firms had carried the HBGary name: HBGary Federal, which sold its products to the US Government, and HBGary, Inc. Its other clients included information assurance companies, computer emergency response teams, and computer forensic investigators. On 29 February 2012, HBGary, Inc. announced it had been acquired by IT services firm ManTech International. At the same time, HBGary Federal was reported to be closed.

<span class="mw-page-title-main">FinFisher</span> Surveillance software

FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels.

Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into existing software, causing a computer to perform actions or processes unintended by its operator.

<span class="mw-page-title-main">Morgan Marquis-Boire</span> New Zealand hacker, journalist, and security researcher

Morgan Marquis-Boire is a New Zealand-born hacker, journalist, and security researcher. Marquis-Boire previously served as an advisor to the Freedom of the Press Foundation. He was a Special Advisor to the Electronic Frontier Foundation (EFF) and advisor to the United Nations Interregional Crime and Justice Research Institute. He was the Director of Security at First Look Media and a contributing writer at The Intercept. He has been profiled by Wired, CNN, Süddeutsche Zeitung, and Tages Anzeiger. He was one of Wired Italy 's Top 50 people of 2014. In March 2015 he was named a Young Global Leader.

Fancy Bear, also known as APT28, Pawn Storm, Sofacy Group, Sednit, Tsar Team and STRONTIUM or Forest Blizzard, is a Russian cyber espionage group. Cybersecurity firm CrowdStrike has said with a medium level of confidence that it is associated with the Russian military intelligence agency GRU. The UK's Foreign and Commonwealth Office as well as security firms SecureWorks, ThreatConnect, and Mandiant, have also said the group is sponsored by the Russian government. In 2018, an indictment by the United States Special Counsel identified Fancy Bear as GRU Unit 26165. This refers to its unified Military Unit Number of the Russian army regiments. The headquarters of Fancy Bear and the entire military unit, which reportedly specializes in state-sponsored cyberattacks and decryption of hacked data, were targeted by Ukrainian drones on July 24, 2023, the rooftop on an adjacent building collapsed as a result of the explosion.

Gamma Group is an Anglo-German technology company that sells surveillance software to governments and police forces around the world. The company has been strongly criticised by human rights organisations for selling its FinFisher software to undemocratic regimes such as Egypt and Bahrain.

<span class="mw-page-title-main">Phineas Fisher</span> Hacktivist

Phineas Fisher is an unidentified hacktivist and self-proclaimed anarchist revolutionary. Notable hacks include the surveillance company Gamma International, Hacking Team, the Sindicat De Mossos d'Esquadra and the ruling Turkish Justice and Development Party three of which were later made searchable by WikiLeaks.

<span class="mw-page-title-main">NSO Group</span> Israeli cyber-espionage and malware firm

NSO Group Technologies is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.

Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by Israeli defense ministry.

<span class="mw-page-title-main">Vault 7</span> CIA files on cyber war and surveillance

Vault 7 is a series of documents that WikiLeaks began to publish on 7 March 2017, detailing the activities and capabilities of the United States Central Intelligence Agency (CIA) to perform electronic surveillance and cyber warfare. The files, dating from 2013 to 2016, include details on the agency's software capabilities, such as the ability to compromise cars, smart TVs, web browsers including Google Chrome, Microsoft Edge, Mozilla Firefox, and Opera, the operating systems of most smartphones including Apple's iOS and Google's Android, and computer operating systems including Microsoft Windows, macOS, and Linux. A CIA internal audit identified 91 malware tools out of more than 500 tools in use in 2016 being compromised by the release. The tools were developed by the Operations Support Branch of the CIA.

Hack Forums is an Internet forum dedicated to discussions related to hacker culture and computer security. The website ranks as the number one website in the "Hacking" category in terms of web-traffic by the analysis company Alexa Internet. The website has been widely reported as facilitating online criminal activity, such as the case of Zachary Shames, who was arrested for selling keylogging software on Hack Forums in 2013 which was used to steal personal information.

The Pegasus Project is an international investigative journalism initiative that revealed governments' espionage on journalists, opposition politicians, activists, business people and others using the private Pegasus spyware developed by the Israeli technology and cyber-arms company NSO Group. Pegasus is ostensibly marketed for surveillance of "serious crimes and terrorism". In 2020, a target list of 50,000 phone numbers leaked to Forbidden Stories, and an analysis revealed the list contained the numbers of leading opposition politicians, human rights activists, journalists, lawyers and other political dissidents.

References

  1. 1 2 3 Batey, Angus (24 November 2011). "The spies behind your screen". The Telegraph. Archived from the original on 6 October 2022. Retrieved 26 July 2015.
  2. "Enemies of the Internet: HackingTeam". Reporters Without Borders . Archived from the original on 29 April 2014. Retrieved 24 April 2014.
  3. Marczak, Bill; Gaurnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (17 February 2014). "Mapping HackingTeam's "Untraceable" Spyware". Citizen Lab . Archived from the original on 20 February 2014.
  4. Kopfstein, Janus (10 March 2014). "Hackers Without Borders". The New Yorker . Archived from the original on 6 November 2018. Retrieved 24 April 2014.
  5. Marquis-Boire, Morgan; Gaurnieri, Claudio; Scott-Railton, John; Kleemola, Katie (24 June 2014). "Police Story: HackingTeam's Government Surveillance Malware". Citizen Lab. University of Toronto. Archived from the original on 25 June 2014. Retrieved 3 August 2014.
  6. 1 2 Zorabedian, John (8 April 2016). "HackingTeam loses global license to sell spyware". Naked Security. Archived from the original on 6 June 2023. Retrieved 15 May 2016.
  7. Human Rights Watch (25 March 2014). "They Know Everything We Do" Archived 3 May 2023 at the Wayback Machine . Retrieved 1 August 2015.
  8. Jeffries, Adrianne (13 September 2013). "Meet HackingTeam, the company that helps the police hack you". The Verge . Archived from the original on 24 March 2016. Retrieved 21 April 2014.
  9. "Noi, i padri del cyber-007". 2 December 2011. Archived from the original on 19 April 2019. Retrieved 19 April 2019.
  10. Jeffries, Adrianne (13 September 2013). "Meet Hacking Team, the company that helps the police hack you". The Verge. Archived from the original on 24 March 2016. Retrieved 20 August 2021.
  11. 1 2 Farivar, Cyrus (20 July 2015). "Hacking Team goes to war against former employees, suspects some helped hackers". Ars Technica. Archived from the original on 13 April 2019. Retrieved 11 April 2024.
  12. "HackingTeam's US Nexus". 28 February 2014. Archived from the original on 12 July 2015. Retrieved 2 August 2015.
  13. "Nasce Memento Labs". 2 April 2019. Archived from the original on 19 April 2019. Retrieved 19 April 2019.
  14. Stecklow, Steve; Sonne, Paul; Bradley, Matt (1 June 2011). "Mideast Uses Western Tools to Battle the Skype Rebellion". The Wall Street Journal. Retrieved 26 July 2015.
  15. Lin, Philippe (13 July 2015). "HackingTeam Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems". TrendLabs Security Intelligence Blog. Trend Micro. Archived from the original on 6 May 2019. Retrieved 26 July 2015.
  16. 1 2 "Advanced spyware for Android now available to script kiddies everywhere" Archived 18 April 2019 at the Wayback Machine . Ars Technica. Retrieved 2 August 2015.
  17. Farivar, Cyrus (14 July 2015). " HackingTeam broke Bitcoin secrecy by targeting crucial wallet file Archived 17 April 2019 at the Wayback Machine ". Ars Technica. Retrieved 26 July 2015.
  18. Schneier, Bruce. "More on HackingTeam's Government Spying Software". Archived from the original on 31 October 2014. Retrieved 28 June 2014.
  19. "HackingTeam Tools Allow Governments To Take Full Control of Your Smartphone". International Business Times UK. 24 June 2014. Archived from the original on 28 February 2019. Retrieved 15 May 2016.
  20. Guarnieri, Claudio; Marquis-Boire, Morgan (13 January 2014). "To Protect And Infect: The militarization of the Internet" Archived 23 June 2019 at the Wayback Machine . At the 30th Chaos Communications Congress – "30C3". (Video or Audio). Chaos Computer Club. Retrieved 15 August 2015.
  21. 1 2 3 4 5 Hay Newman, Lily (7 July 2015). "A Detailed Look at HackingTeam's Emails About Its Repressive Clients". The Intercept. Archived from the original on 7 March 2019. Retrieved 15 May 2016.
  22. Knibbs, Kate (8 July 2015). "HackingTeam's Lame Excuse for Selling Digital Weapons to Sudan". Gizmodo. Archived from the original on 25 December 2017. Retrieved 15 May 2016.
  23. "Hacked Team (@hackingteam)". Archived from the original on 6 July 2015. Retrieved 6 July 2015.{{cite web}}: CS1 maint: bot: original URL status unknown (link)
  24. WikiLeaks [@wikileaks] (6 July 2015). "Inside malware makers "HackingTeam": hundreds of gigabytes of e-mails, files, and source code" (Tweet). Retrieved 6 July 2015 via Twitter.
  25. 1 2 "HackingTeam hacked: Spy tools sold to oppressive regimes Sudan, Bahrain and Kazakhstan". International Business Times. 6 June 2015. Archived from the original on 19 April 2019. Retrieved 6 July 2015.
  26. HackingTeam on X
  27. Ragan, Steve (5 July 2015). "HackingTeam hacked, attackers claim 400GB in dumped data" . Retrieved 6 July 2015.
  28. "Security Advisory for Adobe Flash Player". helpx.adobe.com. Adobe Systems. 8 July 2015. Archived from the original on 9 July 2015. Retrieved 30 August 2016.
  29. Khandelwal, Swati. "Zero-Day Flash Player Exploit Disclosed In 'HackingTeam' Data Dump". Archived from the original on 22 June 2019. Retrieved 6 July 2015.
  30. Pi, Peter. "Unpatched Flash Player Flaw, More POCs Found in HackingTeam Leak". Archived from the original on 22 June 2019. Retrieved 8 July 2015.
  31. "WICAR test malware". Archived from the original on 31 August 2019. Retrieved 16 May 2017.
  32. "Adobe Security Bulletin". Archived from the original on 10 July 2015. Retrieved 11 July 2015.
  33. Tang, Jack (7 July 2015). "A Look at the Open Type Font Manager Vulnerability from the HackingTeam Leak". Archived from the original on 14 April 2019. Retrieved 8 July 2015.
  34. Whittaker, Zack. "HackingTeam used shockingly bad passwords". ZDNet . Archived from the original on 12 February 2019. Retrieved 6 July 2015.
  35. Christian Pozzi. "unknown". Archived from the original on 7 March 2021. Retrieved 6 July 2015 via Twitter.{{cite web}}: Cite uses generic title (help)
  36. Christian Pozzi. "unknown". Archived from the original on 7 March 2021. Retrieved 6 July 2015 via Twitter.{{cite web}}: Cite uses generic title (help)
  37. Christian Pozzi. "unknown". Archived from the original on 23 December 2020. Retrieved 6 July 2015 via Twitter.{{cite web}}: Cite uses generic title (help)
  38. "Christian Pozzi on Twitter: "Uh Oh - my twitter account was also hacked."". 6 July 2015. Archived from the original on 6 July 2015. Retrieved 6 July 2015.
  39. Phineas Fisher [@gammagrouppr] (6 July 2015). "gamma and HT down, a few more to go :)" (Tweet) via Twitter.
  40. Osbourne, Charlie. "HackingTeam: We won't 'shrivel up and go away' after cyberattack". ZDNet . Archived from the original on 5 July 2018. Retrieved 6 July 2015.
  41. Hack Back — A DIY Guide (Hacking Team). 26 April 2017. Archived from the original on 8 January 2024. Retrieved 8 January 2024.{{cite book}}: |website= ignored (help)
  42. "How HackingTeam got hacked". Ars Technica. 19 April 2016. Archived from the original on 18 June 2017. Retrieved 15 May 2016.
  43. "A Detailed Look at HackingTeam's Emails About Its Repressive Clients". The Intercept. 7 July 2015. Archived from the original on 7 March 2019. Retrieved 15 May 2016.
  44. "Hacking Team's Global License Revoked by Italian Export Authorities". Privacy International. 8 April 2016. Archived from the original on 5 May 2019. Retrieved 15 May 2016.
  45. "'It's a free-for-all': how hi-tech spyware ends up in the hands of Mexico's cartels". TheGuardian.com . 7 December 2020. Archived from the original on 24 February 2022. Retrieved 7 December 2020.
  46. Kopstein, Justin (6 July 2015). "Here Are All the Sketchy Government Agencies Buying HackingTeam's Spy Tech". Vice Magazine. Archived from the original on 31 March 2019. Retrieved 5 May 2019.
  47. Weissman, Cale Guthrie (6 July 2015). "Hacked security company's documents show a laundry list of questionable clients". Business Insider . Archived from the original on 6 October 2019. Retrieved 5 May 2019.
  48. Ragan, Steve. "In Pictures: HackingTeam's hack curated". CSO Online (Australia). Archived from the original on 9 April 2019. Retrieved 5 May 2019.
  49. Hern, Alex (6 July 2015). "HackingTeam hacked: firm sold spying tools to repressive regimes, documents claim". The Guardian. Retrieved 22 July 2015.
  50. Ragan, Steve (6 July 2015). "HackingTeam responds to data breach, issues public threats and denials". CSO Online. Archived from the original on 1 March 2019. Retrieved 22 July 2015.
  51. Stevenson, Alastair (14 July 2015). "A whole bunch of downed government surveillance programs are about to go back online". Business Insider. Archived from the original on 23 July 2015. Retrieved 22 July 2015.
  52. Stevenson, Alastair (8 September 2021). "Hacking Team Customer in Turkey Was Arrested for Spying on Police Colleagues [or: The Spy Story That Spun a Tangled Web]". Zetter. Archived from the original on 4 April 2022. Retrieved 8 September 2021.
  53. Jone Pierantonio. "Ecco chi ha bucato HackingTeam" Archived 6 August 2015 at the Wayback Machine . International Business Times. Retrieved 2 August 2015.
  54. Ediciones El País (8 July 2015). "HackingTeam: “Ofrecemos tecnología ofensiva para la Policía”" Archived 18 December 2019 at the Wayback Machine . El País. Retrieved 2 August 2015.
  55. "The HackingTeam leak shows Mexico was its top client, but why?" Archived 10 October 2019 at the Wayback Machine . Fusion. Retrieved 2 August 2015.
  56. 1 2 3 4 5 6 7 "Leaked emails from security firm HackingTeam show government use - Fortune" Archived 20 July 2015 at the Wayback Machine . Fortune. Retrieved 2 August 2015.
  57. 1 2 3 "Leaked Documents Show FBI, DEA and U.S. Army Buying Italian Spyware". The Intercept. Retrieved 2 August 2015.
  58. "HackingTeam's Equipment Got Stolen in Panama". Motherboard. Retrieved 2 August 2015.
  59. Molina, Thabata (13 August 2015). "Panama to Investigate Martinelli in HackingTeam Spying Scandal" Archived 27 June 2019 at the Wayback Machine . Panama Post. Retrieved 15 August 2015.
  60. "HackingTeam apparently violated EU rules in sale of spyware to Russian agency" Archived 2 December 2017 at the Wayback Machine . Ars Technica. Retrieved 2 August 2015.
  61. "How HackingTeam Created Spyware that Allowed the FBI To Monitor Tor Browser" Archived 12 June 2019 at the Wayback Machine . The Intercept. Retrieved 2 August 2015.
  62. McGrath, Ben (25 July 2015). " Further revelations in South Korean hacking scandal Archived 7 August 2015 at the Wayback Machine ". World Socialist Web Site. Retrieved 26 July 2015.
  63. "The DEA Just Cancelled Its Contract With HackingTeam" Archived 7 October 2017 at the Wayback Machine . Motherboard. Retrieved 2 August 2015.
  65. In Cyprus (11 July 2015).Intelligence Service chief steps down Archived 2015-08-15 at the Wayback Machine . Retrieved 26 July 2015.
  66. Bahrain Center for Human Rights (15 July 2015). " HackingTeam's troubling connections to Bahrain Archived 21 July 2015 at the Wayback Machine " IFEX. Retrieved 26 July 2015.
  67. Lexime (14 July 2015). " Burime të sigurta, SHISH përdor programet përgjuese që prej 2015. HackingTeams: Nuk e kemi nën kontroll sistemin! Archived 9 January 2020 at the Wayback Machine " (video). BalkanWeb. Retrieved 27 July 2015.
  68. "Dansk politi køber overvågningssystem fra kontroversielt firma". Information.dk. Dagbladet Information. Archived from the original on 20 September 2021. Retrieved 10 October 2021.
  69. HackingTeam: a zero-day market case study Archived 24 July 2015 at the Wayback Machine , Vlad Tsyrklevich's blog
  70. Perlroth, Nicole (10 October 2012). Ahead of Spyware Conference, More Evidence of Abuse Archived 26 December 2017 at the Wayback Machine . The New York Times (Bits).
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.