A leading provider of surveillance and intrusion software for governments worldwide has apparently fallen victim to a devastating security breach.
The Twitter account of Hacking Team, an Italy-based company notorious in certain circles for providing offensive security services to law enforcement and intelligence agencies, was hijacked late Sunday evening. The hackers, who have not been identified, used the account to post emails and invoices implicating the firm in the sale of software to repressive governments—an allegation previously dismissed by the company.
A link to a torrent file containing roughly 400GB of purportedly stolen internal company documents and emails was also tweeted from Hacking Team’s account. Due to the massive size of the file dump, the veracity of the full cache of files has not been independently verified at this time. The company had regained control of the account by Monday morning and deleted the tweets posted by the alleged hackers.
In 2013, Reporters Without Borders labeled Hacking Team as one of five “Corporate Enemies of the Internet”— a “digital mercenary” whose products are liable to be used by repressive regimes “to violate human rights and freedom of information.” Hacking Team responded by denying the accusation. In a statement, the company said it “goes to great lengths to assure that our software is not sold to governments that are blacklisted by the E.U., the USA, Nato and similar international organizations or any ‘repressive’ regime.”
According to the documents, however, Hacking Team’s clients include numerous governments often criticized for violently suppressing human rights, including Saudi Arabia, Bahrain, Russia, Sudan, Kazakhstan, and the United Arab Emirates.
Hacking Team’s flagship product, the DaVinci Remote Control System, is software that allows its clients to monitor the transfer of encrypted files and emails and eavesdrop on Skype and other voice-over-IP (VoIP) applications. The company claims that DaVinci can monitor hundreds of thousands of computers simultaneously and surreptitiously activate a computer’s microphone and camera by remote.
Christian Pozzi, a Hacking Team employee tweeted several times following the attack, urging his followers to “stop spreading false lies” about the company’s services. “A lot of what the attackers are claiming regarding our company is not true,” he said. “We are currently in the process of notifying all our customers about the recent breach. We haven’t broken any laws. We simply provide custom software solutions tailored to our customer’s needs.”
Pozzi, who said his team was currently working with police, also told a security researcher posting screenshots of documents on Twitter: “Keep posting what you are posting, I am taking all the evidence. You will go to jail.”