Hacking news 2015: The Hacking Team Hacking – Latest news
Recall, July 5, unknown hackers have broken into the computer network of the company and abducted more than 400 GB of corporate data.
Stolen information includes corporate documents, source code, and even, as it became known, a few exploits for zero-day vulnerability in Adobe Flash. Also, hackers managed to hack the official Hacking Team account in Twitter.
Hacking Team’s CEO David Vincenzetti issued a new statement promising that the company plans to deliver the recovered version of Galileo Remote Control System (Galileo, is the advanced and sophisticated spyware tool) and internal infrastructure to replace products that have been compromised in the cyber attacks.
Vincenzetti also reported that version 10 Remote Control System will be available in autumn 2015.
Hacking Team in the News
Below we provide links to the most interesting latest articles related to hacking of a cyber security company “The Hacking Team”.
Cyber security articles related Hacking Team Leak
The “BeNews” app is a backdoor app
- Fake News App in Hacking Team Dump Designed to Bypass Google Play
The backdoor, ANDROIDOS_HTBENEWS.A, can affect, but is not limited to, Android versions starting from 2.2 Froyo to 4.4.4 KitKat. It exploits CVE-2014-3153 local privilege escalation vulnerability in Android devices… See more at – http://blog.trendmicro.com/… - RCSAndroid Spying Tool Listens to Calls; Roots Devices to Get In
Trend Micro researchers found that among the leaked files is the code for Hacking Team’s open-source malware suite RCSAndroid (one of the most professionally developed and sophisticated Android malware), which was sold by the company as a tool for monitoring targets… Learn more at: http://blog.trendmicro.com/trendlabs-security-intelligence…
1. UEFI (Unified Extensible Firmware Interface) BIOS Rootkit:
- Hacking Team Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target Systems.
Trend Micro researchers discovered that Hacking Team developed a help tool for the users of their BIOS rootkit, and even provided support for when the BIOS image is incompatible… See more at – http://blog.trendmicro.com/… - Hacking Team spyware rootkit: Even a new HARD DRIVE wouldn’t get rid of it.
Surveillance software maker Hacking Team has provided its government customers with the ability to infect the low-level firmware. The intruder gets access to the target computer, reboots into UEFI shell, dumps the BIOS, installs the BIOS rootkit, re-flashes the BIOS, and then reboots the target system… See more at – http://www.theregister.co.uk/… - Hacking Team Spyware preloaded with UEFI BIOS Rootkit to Hide Itself.
According to researchers, Hacking Team’s rootkit malware is only able to target UEFI BIOS systems developed by Insyde and AMI vendors, used by the majority of computer and laptop manufacturers… See more at – http://thehackernews.com/… - Hacking Team’s malware uses a UEFI rootkit to survive operating system reinstalls.
Security researchers have found that Hacking Team developers used BIOS UEFI rootkit to install Remote Control System Agent on the target system… See more at – http://www.pcworld.com/…
2. Flash Zero-Day vulnerability:
It should be noted that Adobe Flash Player and other Adobe products, are one of the most popular programs used by hackers to compromise user’s systems and steal personal data.
- Third Hacking Team Flash Zero-Day Found.
Adobe confirmed that it is working on a patch for the two outstanding zero-day vulnerabilities exposed in the Hacking Team breach… See more at – https://krebsonsecurity.com/… - Hacking Team Expose Critical Security Flaw In Flash Players.
Criminals who sell toolkits for mass exploitation began integrating the first Flash bug discovered in Hacking Team’s files within hours. Security researchers at FireEye and TrendMicro are credited with reporting CVE-2015-5122 and CVE-2015-5123, respectively… See more at – http://yournewswire.com/… - Facebook calls for end to Flash as Firefox blocks it over hacking holes.
Mozilla has blocked every version of Adobe’s Flash plugin from running within its Firefox browser, while Facebook’s head of security has called for Adobe to kill it off… See more at – http://www.theguardian.com/…
3. ‘We’re the good guys’:
- ‘We’re the good guys’, insists Hacking Team founder.
Vincenzetti now admits that Hacking Team did do business with Sudan. As for other countries Hacking Team has done business with, Vincenzetti does present excuses… See more at – http://www.wired.co.uk/… - Hacking Team boss: we sold to Ethiopia but ‘we’re the good guys’.
The founder of cybersecurity firm, David Vincenzetti said: “… we do not trade in weapons, we do not sell guns that can be used for years.” He said that without regular updates its tools are rapidly blocked by cyber security countermeasures … when we heard that Galileo had been used to spy on a journalist in opposition of the government, we asked about this, and finally decided to stop supplying them … See more at – http://www.theguardian.com/…
4. Other Related Articles:
- Leaked Emails Show Hacking Team Lied to Its ‘Rascal’ Customers
Hacking Team, sold its spyware to authoritarian countries with poor human rights records such as Ethiopia or Sudan, and even considered selling to Bangladesh’s “death squad,” and Rwanda… See more at: http://motherboard.vice.com/… - The FBI Asked Hacking Team for Help Unmasking a Tor User
FBI agent said that the agency was interested in sourcing more tools that could be used to identify users of Tor … See more at: http://www.zdnet.com/… - Hacking Team broke Bitcoin secrecy by targeting crucial wallet file.
Back in January 2014, Hacking Team internally announced a new feature as part of its version 9.2. It is straightforward to grab the wallet.dat and related files and for malcode to get the password for this file when the user accesses their bitcoins… See more at – http://arstechnica.com/… - Hacking Team violated EU rules in sale of spyware to Russian agency.
It sold its Remote Control System surveillance software (called “Advanced Monitoring”) to the Federal Security Service of the Russian Federation (FSB), the successor agency to the KGB… See more at – http://arstechnica.com/… - Hacking Team Says Suspects Foreign Government Was Behind Mass Attack.
The source code of a number of its top secret programmes has been published online. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so… See more at – http://gadgets.ndtv.com/… - Hacking Team: government-sponsored cyberattack company likely hacked by another country, it claims.
The company has always maintained that it only sells its hacking services to vetted governments, and that they are used for criminal and intelligence investigations… See more at – http://www.independent.co.uk/… - Hacking Team and Boeing Subsidiary – Drones Deploying Spyware
The Boeing subsidiary reached out and Hacking Team began work on a malware injector for drones. Boeing would like to be able to deliver spyware via drone… See more at – https://firstlook.org/…
Drone-based Wi-Fi hacking hardware
MALWARELIST.net - Your Information Security Source 
At Cybereason, we have also done a few articles about the hacking team leak and the methodologies and technology behind the remote control system.
http://www.cybereason.com/breaking-down-the-hacking-team-attack-operation/
http://www.cybereason.com/hacking-team-hacked-team-leak-unleashes-flame-like-capabilities-into-the-wild/