Slashdot Mirror


Hacking Team Hacked, Attackers Grab 400GB of Internal Data

Several readers sent word that notorious surveillance company Hacking Team has itself been hacked. Attackers made off with 400GB worth of emails, documents, and source code. The company is known for providing interception tools to government and law enforcement agencies. According to the leaked files, Hacking Team has customers in Egypt, South Korea, Kazakhstan, Saudi Arabia, Oman, Lebanon, Mongolia, Russia, Germany, Sudan, and the United States — to name a few. It has been labeled an enemy of the internet by Reporters Without Borders. "Clients have had their passwords exposed as well, as several documents related to contracts and configurations have been circulating online." Nobody knows yet who perpetrated the hack.


  1. Find the source code on GitHub by Anonymous Coward · · Score: 5, Informative

    Someone started uploading all the HackingTeam source code to GitHub: https://github.com/hackedteam?...
    There are also some signing keys for kernel drivers in here.

    That's a bad day for Hacking Team and a good day for everyone else.

    1. Re:Find the source code on GitHub by johanw · · Score: 3, Funny

      Some 0-day leaks were found too, so I think MS will be quick to patch them.

    2. Re:Find the source code on GitHub by jimbolauski · · Score: 3, Informative

      Really, you can't follow the code without English comments?

      I pray you don't write any software that other people have to use. Most companies will flat out reject code if it has not been properly documented.

      --
      Knowledge = Power
      P= W/t
      t=Money
      Money = Work/Knowledge so the less you know the more you make
    3. Re:Find the source code on GitHub by dunkelfalke · · Score: 5, Insightful

      Comments aren't there for following the code - even a code monkey like me can do that. They are to explain the reasoning behind the code.

      --
      "It's such a fine line between stupid and clever" -- David St. Hubbins, Spinal Tap
    4. Re:Find the source code on GitHub by Mikkeles · · Score: 2

      As had been said before: if the comments and code don't match, then both are probably wrong.

      --
      Great minds think alike; fools seldom differ.
  2. Another turn of the screw by fustakrakich · · Score: 2

    *What's good for the goose...*

    Schadenfreude...

    --
    “He’s not deformed, he’s just drunk!”
  3. Monty Python. by Ukab+the+Great · · Score: 5, Funny

    We apologize for corporate and govt data breeches. Those responsible have been
    hacked.

    ---

    We apologise again for the data breeches. Those responsible for hacking
    the people who have just been hacked,
    have been hacked.

  4. 400GB by troon · · Score: 2

    "400GB worth of emails, documents, and source code"

    Seems unlikely. There's going to be a lot of... binary data in there, surely.

    --
    Ydco co ,df C erb-y go. a Ekrpat t.fxrapev
  5. Re:SubjectsInCommentsAreStupid by D.McG. · · Score: 5, Interesting

    How does a group like that not notice 400GB of traffic exiting the building? If it were done in a single day, the hackers would need to draw down 4,629,629 bytes per second sustained for 24 hours.

  6. Re:SubjectsInCommentsAreStupid by s0litaire · · Score: 4, Funny

    Probably thought it was one of their bit-torrent clients..

    Even evil hackers require an extensive porn collection to do their job...

    --
    Laters Sol "Have you found the secrets of the universe? Asked Zebade "I'm sure I left them here somewhere"
  7. GeoTrust signing keys by fulldecent · · Score: 3, Interesting

    Can someone please explain the significance and consequences of publishing this:

    GeoTrust_SigningCertificateExported_2011.pfx

    https://github.com/hackedteam/...

    --

    -- I was raised on the command line, bitch

    1. Re:GeoTrust signing keys by mwvdlee · · Score: 3, Interesting

      From the looks of it, this key seems to be used for signing Windows binaries, not for SSL certificates.
      Surely somebody more knowledgeable can confirm or deny this?

      --
      Slashdot social media options: AIM, ICQ, Yahoo, Jabber and Mobile Text. Why no MySpace?
    2. Re:GeoTrust signing keys by Anonymous Coward · · Score: 4, Informative

      It's confirmed. One of the news stories (can't remember which one) said that HT would recommend that their clients purchase digital certs to sign the malware they bought in order to skirt anti-virus scans. Apparently most antivirus software will ignore legitimate looking signed apps with certs that have been timestamped. The GeoTrust cert is probably a test cert that HT uses.

    3. Re:GeoTrust signing keys by dissy · · Score: 3, Informative

      Can someone please explain the significance and consequences of publishing this:
      GeoTrust_SigningCertificateExported_2011.pfx

      It's another couple of good patterns for antivirus software to look for and trigger upon finding.
      Anyone infected with their rootkitted drivers four years ago who hasn't had the malware updated may find out about being infected with it.

      If they used the same company name for their 2015 certificate as is used in the certs published, that would be another signature for AV software to trigger on if they kept your rootkitted drivers updated.

      That's about it however.

      The certificate is long expired so can't be used to sign any new code with.
      You can also be pretty certain their next certificate (to be issued any day now, if not already) will be under a different name as well.

  8. apple issued enterprise dev cert to ht by Anonymous Coward · · Score: 2, Informative

    https://twitter.com/FredericJa...

    Subject: UID=DE9J4B8GTF, CN=iPhone Distribution: HT srl, OU=DE9J4B8GTF, O=HT srl, C=IT
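
Added example, not part of any comment above and not any vendor's code: the two certificate threads suggest that the company name in a signing certificate is something a scanner can key on. This Python sketch parses signer subject strings and matches them against a watchlist built from the subject quoted in comment 8; the file names and the other subjects are constructed, and a name match is treated as a triage signal only.

```python
import re

# Subject string quoted in the thread above (Apple enterprise certificate).
PAGE_SUBJECT = ("UID=DE9J4B8GTF, CN=iPhone Distribution: HT srl, "
                "OU=DE9J4B8GTF, O=HT srl, C=IT")

# Watchlist taken from that subject: organisation name and team identifier.
WATCHLIST = {"O": {"HT srl"}, "OU": {"DE9J4B8GTF"}, "UID": {"DE9J4B8GTF"}}

def parse_dn(dn):
    """Split a subject string into (attribute, value) pairs; escaped commas stay in the value."""
    pairs = []
    for rdn in re.split(r"(?<!\\),", dn):
        if "=" not in rdn:
            continue  # skip fragments that are not attribute=value
        attr, value = rdn.split("=", 1)
        value = re.sub(r"\\(.)", r"\1", value.strip())  # drop backslash escapes
        pairs.append((attr.strip().upper(), value))
    return pairs

def watchlist_hits(dn, watchlist=WATCHLIST):
    """Return pairs of dn on the watchlist; exact, case-insensitive match."""
    hits = []
    for attr, value in parse_dn(dn):
        wanted = {v.casefold() for v in watchlist.get(attr, ())}
        if value.casefold() in wanted:
            hits.append((attr, value))
    return hits

def triage(inventory):
    """Map each file whose signer subject has hits to those hits."""
    scored = {path: watchlist_hits(subj) for path, subj in inventory.items()}
    return {path: hits for path, hits in scored.items() if hits}

# Constructed inventory: file names and the last three subjects are made up.
SAMPLE = {
    "app1.ipa": PAGE_SUBJECT,
    "driver.sys": "CN=Example Tools\\, Inc., O=Example Tools\\, Inc., C=US",
    "agent.exe": "cn=Updater, o=ht SRL, c=IT",
    "other.exe": "CN=HT srl Holdings, O=HT srl Holdings, C=IT",
}

if __name__ == "__main__":
    for path, hits in triage(SAMPLE).items():
        print(path, hits)
```

Subject names are chosen by the applicant, so a hit needs confirming against the certificate's serial number or thumbprint before anything is blocked.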

  9. Re:Yay! by Curunir_wolf · · Score: 2

    What's your bot? (My boys and I are watching the show on ABC.)

    What a horrible job they did of putting that show together. Battles are only 3 minutes, but with all the commentary, backgrounders, interviews and fluff, they can only fit FOUR battles into an hour-long show. Worse, they include so much commentary they actually EXCLUDE about 1/2 the battles, and just show a few highlights from some.

    Imagine if a network covered the NBA playoffs like that? Producers at ABC certainly showed a lot of incompetence with that show.

    --
    "Somebody has to do something. It's just incredibly pathetic it has to be us."
    --- Jerry Garcia
  10. Re:Yay! by jandrese · · Score: 3, Funny

    In other words they covered it exactly the same way they cover the Olympics?

    --

    I read the internet for the articles.