Data leakage great! CBA paid a quarter of a million euros for … – Softonet

There has been another huge leak of highly sensitive data. Italian firm Hacking Team, dedicated to creating and selling Remote Control System – a specialized spyware, which is used by many countries and special services, including the Polish Central Anticorruption Bureau, fell victim to hackers. Knowledge of the event gave themselves burglars, using for this purpose the official account Hacking Team, which by the way changed its name to Team Hacked.

Hackers zażartowali tweetcie each other in writing that they have nothing to hide, why make public all e-mail from internal and external communications, files, contracts, list of customers and software source code Remote Control System (RCS), used to steal information from mobile devices under the control of Android, iOS, Windows Mobile and Blackberry. This known since 2001 system, acting also under the names DaVinci and Galileo, allows a person controlling it to the following:

• The inclusion of a microphone and eavesdropping use it to ambient sound
• the inclusion of built-in camera and ambient Snooping its help,
• monitoring of incoming SMS messages and e-mail
• download the book contacts,
• download call history,
• take a snapshot of the screen during operation,
• activating the module logging keystrokes, both physical and virtual keyboard
• GPS position reading device.

It is difficult to determine whether all of the data made available in a 500 GB package are true, but considering the size of the attack and information that were found in files, it can be assumed that these are not fabricated data. Hackers have released a list of servers and account passwords affixed to them, which is not enough that a repeated, it also does not belong to the complex. Also disclosed is the fact that the above-mentioned GIT code repository found pirated software licenses IDA (disassembler and debugger supporting multiple processor architectures). And it would seem that the company carries out government contracts for millions of dollars should be able to afford to spend tens or even hundreds of thousands of software. It also turns out that the RCS system is not without flaws – are the first reports of encountered errors in source code security.

Internet surfers from all over the world, dealing with cyber security issues have already begun analyzing the publicized information. The first one went list of clients, including several Member commonly found violating the rights of its citizens: Azerbaijan, Sudan, Kazakhstan, Uzbekistan, Saudi Arabia and others. Hacking Team already was suspected, and even presented evidence for the sale of their system repressive regimes applying to their citizens, but each time the company rejected these accusations.

Its client list also find native accent – Central Anticorruption Bureau has an active license RSC system to 31 July. As reported by the portal Niebezpiecznik.pl, in the files is also a system copy of an invoice for the amount of 178 000, dated July 23, 2012 year. It was not the only cost, because in the next years annually paid 35 600 euros for updates. This means that for almost three years the CBA possessed spyware. It is interesting, on what legal basis and whom CBA inwigilowało with this commercial Trojan.

It is worth noting that in the archive e-mails, there is a special folder named Anti HT activists , which included news of minutes. group Citizen Lab, which more than once risked a firm Hacking Team, posting uncomfortable for her customer information or the RSC system.