Security Experts:

Surveillance Software Firm Hacking Team Suffers Data Breach

Hacking Team, a controversial Italy-based company that develops and sells surveillance technology to governments worldwide, has been breached. The attackers have leaked hundreds of gigabytes of sensitive information allegedly obtained from the company’s systems.

Hacking Team offers lawful interception tools, which the company calls “offensive technology,” to law enforcement and intelligence agencies from all over the world. Officially, the spyware maker does not sell its products to countries that abuse human rights.

However, the company has been accused on several occasions by organizations like Citizen Lab of providing surveillance solutions to countries that don’t have a good record on democracy and human rights, including Sudan, Morocco, Ethiopia, and the United Arab Emirates. The emails and documents leaked now by an unknown group of hackers show that Hacking Team appears to be well aware that its solutions are used by oppressive regimes.

The breach came to light early on Monday when someone hijacked Hacking Team’s Twitter account and started publishing screenshots apparently representing emails sent and received by the company’s employees. The screenshots show emails regarding DNS issues suffered by Hacking Team in March 2014 due to its service provider, commentary on reports from Citizen Lab and other researchers, and communications related to human rights investigations.

One screenshot allegedly shows the screen of a member of Hacking Team’s network security staff whose computer was used to exfiltrate sensitive data from the company.

The attackers also published a torrent file containing 400GB of emails, files and source code allegedly taken from Hacking Team.

Some of the leaked emails show that the United Nations has been investigating the reported sale of Hacking Team’s surveillance tools to Sudan. The company denied any involvement with Sudan, but leaked emails seem to show otherwise.

Christopher Soghoian, principal technologist at the American Civil Liberties Union (ACLU), analyzed some of the leaked files and identified a document that apparently shows every one of Hacking Team’s customers and the revenue they have generated. The document reveals that Ethiopia paid $1 million for surveillance software, while the government of Chile signed the largest contract to date, worth $2.85 million.

Hacking Team could not be reached for comment. The company’s Twitter account still appears to be controlled by the attackers at the time of publishing.

Hacking Team’s Christian Pozzi said on Twitter that the breach has been reported to law enforcement authorities and that the people responsible for the attack will be arrested. Pozzi also warned users that the torrent file leaked by the hackers contains a virus.

“A lot of what the attackers are claiming regarding our company is not true. Please stop spreading false lies about the services we offer,” Pozzi said. “We haven't broken any laws. We simply provide custom software solutions tailored to our customers needs,” he added.

The Hacking Team representative says they are in the process of notifying all customers about the breach.

Pozzi's Twitter account was also hijacked minutes before this article was published.

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.