Corporate data has been stolen from the elusive company, which provides spyware and malware to government agencies, and is now being widely circulated online. Included in the cache are emails, source code, and confidential documents.
The firm suffered a large-scale data breach and its Twitter feed was taken over by hackers, who changed the account name to “Hacked Team”. The files reveal who the company has been dealing with including a number of countries known for their oppressive regimes.
Leaked emails also show the official reply of the Italian ambassador to the UN in New York, Sebastiano Cardi, telling the United Nations that Hacking Team “currently has no business relations or any agreements that would allow the Sudan or any entity in its territory to use the software”.
Hacking Team has been under consistent fire from organizations such as the University of Toronto’s Citizen Lab. One of Hacking Team’s main products is the Remote Control System, which is a suite of tools that enables secret remote access of a computer.
This is apparently an advertisement for the company’s Da Vinci surveillance tool. Other customers on the list were intelligence and policing bodies from Australia, Azerbaijan, Bahrain, Chile, Columbia, Cyprus, Czech Republic, Ecuador, Egypt, Ethiopia, Honduras, Hungary, Luxembourg, Malaysia, Mexico, Mongolia, Morocco, Nigeria, Oman, Panama, Poland, Russia, Saudi Arabia, Spain, South Korea, Sudan, Thailand, Tunisia, Turkey, the UAE and Uzbekistan.
“We are therefore calling for an urgent clarification by both the Italian government and the Region of Lombardy into this, and for their response to the appropriateness of investing public money in technologies that can be used to facilitate human rights abuses”.
The attackers have not been afraid to rub a little salt in the wound. Passwords recovered from the leaked documents include the likes of “HTPassw0rd”, “Passw0rd!81”, “Passw0rd”, “Passw0rd!”, “Pas$w0rd” and “Rite1.!!”.
With the number of big governments that seem to be customers of Hacking Team, the fallout from this breach could be huge.
There have been questions raised over the activities of Hacking Team before, particularly by the NGO Reporters Without Borders, which has named the company on its Enemies of the internet index. Eventually, Christian Pozzi from the company took to Twitter to hit out at the perpetrators. Pozzi’s Twitter account has since been deleted and Hacking Team’s Twitter account has been restored.