Hacking Team's email archive - now searchable online

Hacking Team hackBad enough that you are in the business of selling spyware to governments and law enforcement agencies around the world to spy upon citizens and those fighting for democracy.

Even worse that your company suffers a massive attack, with your email archives, source code and confidential internal documents published online by the hackers.

Not to mention that it becomes apparent that your own staff were grossly incompetent in their choices of passwords, and that you find yourself in the embarrassing position of having to urgently contact government customers to stop using your spyware.

But then, to really ruin your week, WikiLeaks goes and makes your entire email archive searchable online - making it child's play for anyone with an interest to sift through communications that any company (and its sometimes shady customers) would have preferred to keep private.

Search Hacking Team's email archive on Wikileaks

I don't know what the possible legal consequences are of WikiLeaks publishing more than one million searchable emails from Hacking Team, but somehow I suspect they're not that bothered.

But there are surely plenty of folks who are going to brew up the coffee, and settle in for the next several hours seeing what they can uncover about Hacking Team, its spyware and its customers.

If you find anything that you feel the rest of the world would benefit from hearing about, feel free to leave a comment below.

Tags: ,

Smashing Security podcast
Check out "Smashing Security", the new weekly audio podcast, with Graham Cluley, Carole Theriault, and special guests from the world of information security.

"Three people having fun in an industry often focused on bad news" • "It's brilliant!" • "The Top Gear of computer security"

Latest episode:

,

4 Responses

  1. Coyote

    July 9, 2015 at 9:10 pm #

    While I don't generally condone data breaches, I have zero sympathy for this rogue company and the customers (some will argue that West countries aren't rogue countries, but their behaviour here is roguery at best; it is only legal in that they make the laws but still an unethical disgrace). In this case, I feel it is something of a service. Publicly shaming the customers (what they've done is unethical, immoral, motivates others – and the company – to start or continue this behaviour and it is an utter disgrace). The fact they pay a company for this makes it even worse. The company justifying it… what to say? They got what they deserve? I think they deserve worse considering how their work affects the Internet as a whole (whether directly or indirectly is besides the point and frankly is irrelevant).

    One hopes the company dies the painful death it deserves… and one hopes that these leaks will make it much harder for the employees to gain trust of other employers (and people in general). After all, their actions are criminal, so if other criminals (or otherwise those doing unethical, questionable things) have this, why shouldn't the employees of this company? They had a choice and this was their choice; they could have said no, that it was wrong. But they didn't because they had no problem with it.

  2. Corrado

    July 10, 2015 at 5:56 pm #

    Tools don't hack people. People (or goverments) hack people. So shouldn't we be angrier with the tool's customers?

    Second: if the company did something illegal, then it's Italy's police job to investigate things, period. Doing something illegal to 'punish' what we now consider immoral behavior is the real crime here.

    • Coyote in reply to Corrado.

      July 10, 2015 at 11:21 pm #

      Yes.. and no.

      You should blame those who attacked, yes. But this rogue company wrote malware to attack other computers. I have no sympathy whatsoever to such a corporation; if the authors of old viruses (and more recent viruses, too, I guess) are punished for some of their work (and some were… even when they didn't want to cause harm – unlike this corporation – so much as see how much they could accomplish), why shouldn't this corporation? The use of their software is malicious. The software is designed that way. So both the company and the customers are wrong.

      But no, this isn't punishing the corporation. If it is anything like that, it is whistle blowing. This leak is conducive to making this company either die the death it deserves (and that everyone else should appreciate) or otherwise drastically reducing its profits (reputation is already harmed). The only harm in this case is from the use of the malware this corporation sold. Besides, you reap what you sow. The fact they allowed spying and now that information about THEM is public.. why feel any sympathy for them? Just reverse it and then see how you feel.

  3. Tom

    July 16, 2015 at 4:32 pm #

    More interesting for IT professionals are the Hacking team secret manuals published here:

    https://firstlook.org/theintercept/2014/10/30/hacking-team/

    Firstlook – the intercept is the platform of Snowden journalist Glen Greenwald.

Leave a Reply