Monday, July 6, 2015 - 14:44

Hacking Team hacked ... again.

Since I'm usually on the defense team, hacks range from annoying through interesting to sometimes entertaining. I'm simply on the other side of that fence. But a target like Hacking Team is a special case where everyone can just fully enjoy the shit storm party that's about to come to their town. Well. Everyone but Hacking Team of course. But that's precisely the fun part.

After last year's attack, when hackers obtained documentation, this time someone went for slightly more ... it's probably a full-take. Around 500 Gigabytes of emails, files, source code, contracts, customers and contacts. It looks like a good share of the entire company excluding the staff. And as a bonus the hack was announced on Hacking Team's very own [defaced] Twitter account.

For Hacking Team this is a worst case scenario. They dropped the nuke on their usually more secretive customers, who will certainly appreciate being dragged onto the stage; the leak drops a bomb on their tools, and it also stabs a rather big question mark right into their claims to not support state terrorism in vicious dictatorships. Human rights activists and affiliated legal groups as well as security researchers will have a field day with this data.

So. To quote Hacked Team's Twitter account.

Since we have nothing to hide, we're publishing all our e-mails, files, and source code.

Your donation is greatly appreciated. It's the next best thing right after all of you vanishing in a thunderstorm over the Atlantic. Ironically that's probably what some of your more elusive and now exposed customers with expertise in, let's say, making people vanish might also have favored. But hey. Don't look a gift horse in the mouth, right?


It appears that security at HT was virtually nonexistent. Encryption seems to be an alien concept. Virtually everything taken is in the clear. Even the most sensitive information. According to a source at Motherboard, the attackers got their foot into the systems by attacking one or two admins who apparently had unlimited access to the company's data, making it easy for the hackers to basically obtain everything they had. So it really seems to be a full-take or close to that. There are even porn recommendations. It seems there's something for just about everyone in that stash.

If that isn't anecdotal enough on its own: Pa$$w0rd ... seriously? The password is a half-assed 1337'ified version of Password? How likely is it that that's on top of your very own lists? Maybe someone confused the to-pick list with the under-no-fucking-way-you-will-have-this list. Password in various combinations of half-assed 1337 speak seems to be one fella's personal favorite.

The amount of data, and what it is, is nearly mind-blowing for a hack. Gigabytes of email from what I assume is every employee. Corporate and private password lists. Voicemail recordings. There's even private and personal data from the two assumed gateways to the crown jewels, including kitten photos, PayPal, Gmail and Yahoo accounts with full credentials in plain text; it's really everything from a trivial to-watch porn list to customers, administrative business data and source code.

I truly hope this hack gives human rights activists the guns they need to put everyone at Hacking Team where they belong. Locked up in a cage. And just seeing the vast amount of emails, I'd guess there's enough in there to do just that. You tried to fuck the rest of the world and couldn't be bothered to give a shit about helping brutal regimes operating sharia law to oppress their people. Now let's see how you perform on the receiving end of that game.