“Hacking Team” Hack Comprehensive Timeline By Kamalesh Lunkad CT+ student ASCL
Hacking Team is a Italian surveillance company.
Sells spyware to governments all around the world, was seriously Hacked on July 5th.
This Hack ripped the company's corporate secrets, emails, source code and files, and leaked over internet.
Hacking (Hacked) Team
The attacker either had direct Physical access to security engineer Christian Pozzi's PC or used malware to achieve a similar level of access to download all data.
We can tell simply by looking at a folder name among the files that were leaked onto the internet.
(Covered Later in this presentation)
Saturday July 5th 2015 or beforeAttack Began
Hacking Team’s Twitter feed was taken over. The banner on the page changed to “Hacked Team.”
July 5th 2015
After taking over Hacking Team’s twitter account
Attacker started to publish emails that were leaked as part of the 400GB files.
Sunday July 6, 2015
Phineas Fisher,a hacker which previously took responsibility for an attack on Gamma came forward taking responsibility for this too.
Who is Responsible?
Attacker did not answer further questions asked on twitter but he said he will revel how he hacked :Hacking Team”
Christian Pozzi, Hacking Team system and security engineer, took to Twitter to refute claims made by the cyber attackers.
The Twitter account has been deleted, but a (https://archive.is/Ca8Kz) containing his comments can be accessed:
Damage Control (Incident Response)
11.30 GMT : Hacking Team's Twitter account wrestled control back
Hacking Team removed messages, screenshots of stolen data and mockery levied against the company
Hacking Team’s Twitter account archive before deleting posts here https://archive.is/n0om8)
14.09 GMT: The Hacking Team website is offline.
May be because cyberattack or the company took it down avoid further problems or the heat of the media.
July 6th 2015
15.07 GMT: The Company’s surveillance solution code leaked onto GitHub. (https://github.com/hackedteam/)
Wikileaks created a database to comb through all released email of HT. https://wikileaks.org/hackingteam/emails/
July 9th
https://ht.transparencytoolkit.org/ One can access all the data online and
download any file
Online mirror of 400 Gb data
Hacking Team assigned Anonymizers to customers from Lebanon and Egypt. The IPs are for VPN services in the U.S. and Germany
VPN servers
Product listsAn example of the type of products offered by Hacking Team and their associated cost in Euro
Hacking Team had recently told the UN that they had never done business with the country.
Contract with Sudan