Drawing on a cache of leaked documents and months of forensic work, two reports about the private Italian firm Hacking Team expose a global network of malicious software implants operated by police and spy agencies in dozens of countries. They also suggest that the lines between high-tech police work and malicious hacking are blurring.
"In the past, the distinction was pretty easy: If it's malware, there's someone bad behind it," said Costin Raiu, a senior security researcher at Russian anti-virus firm Kaspersky. "The notion of good guys and bad guys is becoming diluted."
The reports by Kaspersky and the
While many of Snowden's revelations dealt with the mass monitoring of communication as it flows across the globe, Hacking Team brags about more aggressive forms of monitoring that let authorities turn people's phones and laptops into eavesdropping tools.
Hacking Team, based in
On its website, the company takes pains to present itself as one of the good guys. In a moody promotional video with a gravelly voice-over, it boasts of being able to steal text messages, eavesdrop on
Hacking Team's customer policy says it sells only to governments, which it screens for human rights concerns. A company-established panel of technical experts and legal advisers checks out every potential client, Hacking Team says, and while it realizes that its software can be abused, "we take a number of precautions to limit the potential for that abuse."
Those precautions haven't prevented copies of Hacking Team's malicious software from being used to target more than 30 activists and journalists, according to a tally maintained by
Screenshots released by
Hacking Team built its programs for stealth. The spy software implanted on iPhones is calibrated to avoid draining the phone's battery, both
"The victim's got almost no chances of figuring out that their iPhone is infected," Kaspersky malware expert
Hacking Team does not say who its customers are, but researchers can draw inferences from the network of servers tasked with controlling its spyware.
In its report, Kaspersky says its scans uncovered 326 Hacking Team command servers based in more than 40 countries, including 64 servers in
Kaspersky's report cautions that hosting a Hacking Team command server doesn't necessarily mean officials in that country are using its software, although it said that would be logical due to the complications of controlling spyware from another nation's territory.
Hints about who is using these programs can also be found by studying how victims got infected.
"The hacking tools fall into the same category. They're dual use," he said.
But Bellovin said there need to be strict rules — and open debate — about the law enforcement uses of malicious software before government-commissioned viruses are unleashed on the Internet.
"None of that seems to be present here," he said.
Kaspersky's report: https://www.securelist.com/en/blog/8231/HackingTeam_2_0_The_Story_Goes_Mobile
Hacking Team: http://www.hackingteam.it/
Most Popular Stories
- Islamic State Obliterating Cultural Landmarks in Mosul
- The 2014 Fastest-Growing 100
- 'Lucy's' Super Powers Tops 'Hercules' at Box Office
- VW Site Could Mean Another 2,000 Jobs for Chattanooga
- RV Sales See Highest Increase Post Great Recession
- Report: China to Declare Qualcomm a Monopoly
- Eid al-Fitr Celebrations Mark End of Ramadan
- Oppression of Women Cripples Africa: Obama
- Insecticides Permeate U.S. Food, Water Supply
- Anarchy, Chaos Sweep Across Libya