AddisNews – The Italy-based company that has been accused in the past for selling Spying software for the Ethiopian government and to other repressive regimes and countries to use it against journalists and politicians is a victim of hacking it self according to The Guardian report. The company offers legal offensive security services, using malware and vulnerabilities to gain access to target’s networks.
Cybersecurity firm Hacking Team seems to have been the victim of an ironic twist of fate. The notorious firm makes its money building malware that allows governments to break into their citizens’ communications undetected, but reports claim that it’s suffered a massive hack of its own servers that has seen a gargantuan 400GB of data leaked onto the internet.
The company has come under fire many times in the past, being accused of supplying governments with less than stellar reputations. The company has been accused of supplying such tools to censured countries like Azerbaijan, Kazakhstan, Uzbekistan, Russia, Bahrain, Saudi Arabia, the UAE and Ethiopia – which it has denied.
Hacking Team also works with law enforcement and national security organisations to either conduct hacking, or to protect themselves from it.
According to The Guardian, the group responsible for the attack have not made themselves known and briefly took over the Twitter of Hacking Team, renaming it Hacked Team. At the time of writing, the account has been restored and all tweets from the hacking group has been deleted.
The website however, is still offline and returns an Error 522.
“One such tweet, which has since been removed, purports to show Hacking Team negotiating with a third-party reseller to export its malware to Nigeria. Another is claimed to show the company debating what to do after an independent investigation from the University of Toronto attacked it for selling hacking tools to Ethiopia, which then used it to target journalists in the US and elsewhere,” The Guardian wrote.
The company has naturally denied the claims that it sold malware and hacking tools to nefarious countries.
Among the documents tweeted from the Hacked Team Twitter account was an invoice from the Sudanese national intelligence service for $529 000 in 2012.
Hacking Team is one of a number of security firms which sell surveillance technology and malware to national governments, enabling them to access the computers of their targets. Gamma International, another firm in the same space which was best known for its FinFisher surveillance software, suffered a similar hack in 2014. In the 40GB of data on FinFisher leaked, the company’s clients, capabilities and pricing was revealed; according to the leaked documents, Hacking Team was celebrating the demise of “a wannabe competitor of ours”.
Hacking Team refused to give comment over the phone, directing the Guardian to an email address. Multiple emails to that address and others given on the firm’s website were returned as undeliverable, and on a follow-up call, Hacking Team again declined to comment and directed the paper to the broken email address. When the Guardian explained that the email address was not working, Hacking Team declined to give an alternative address or any other form of contact.
While South Africa hasn’t been implicated in Hacking Team (yet), the company will be ISS World South Africa in Johannesburg on 27 July this year. The conference styles itself as the world’s largest gathering of Southern Africa Law Enforcement, Intelligence and Homeland Security Analysts.
Source: htxt.co.za and The Guardian.co.uk