Interesting Links: July 19, 2015

Here are a few interesting links that I came across in the last few days. They are new stories about the contents of the hacked internal emails and documentation of “Hacking Team”, a corporation that supplies spyware and malware to law enforcement.

Link 1: Hacking Team and Boeing Subsidiary Envisioned Drones Deploying Spyware

There are lots of ways that government spies can attack your computer, but a U.S. drone company is scheming to offer them one more. Boeing subsidiary Insitu would like to be able to deliver spyware via drone. The plan is described in internal emails from the Italian company Hacking Team, which makes off-the-shelf software that can remotely infect a suspect’s computer or smartphone, accessing files and recording calls, chats, emails and more. A hacker attacked the Milan-based firm earlier this month and released hundreds of gigabytes of company information online. Among the emails is a recap of a meeting in June of this year, which gives a “roadmap” of projects that Hacking Team’s engineers have underway.

On the list: Develop a way to infect computers via drone. One engineer is assigned the task of developing a “mini” infection device, which could be “ruggedized” and “transportable by drone (!)” the write-up notes enthusiastically in Italian. The request appears to have originated with a query from the Washington-based Insitu, which makes a range of unmanned systems, including the small ScanEagle surveillance drone, which has long been used by the militaries of the U.S. and other countries. Insitu also markets its drones for law enforcement.

Link 2: How Hacking Team Created Spyware that Allowed the FBI to Monitor TOR Browser

In July of 2012, FBI contractor Pradeep Lal contacted the customer support department of the Italian company Hacking Team, a maker of spyware for law enforcement and intelligence agencies worldwide. Lal needed help; he had used Hacking Team software to break into and monitor an investigative target’s computer, but the monitoring wasn’t working as well as Lal expected. It reported what addresses his target visited in normal web browsers, but not when his target used Tor Browser, software designed to mask sensitive web surfing. Lal described his problem succinctly, complaining on Hacking Team’s customer website that the company’s “URL collector does not collect web traffic on TOR browser,” according to a large trove of emails and other documents recently obtained by one or more computer hackers.

When a user opens Tor Browser, their computer starts the Tor program in the background, and in the foreground it opens up a modified version of Firefox that’s configured to force all its traffic to go through the Tor program. The solution was to modify Tor Browser on a hacked computer to force all of its traffic to go through an outside server that the attacker controls, rather than the one provided by the Tor program. When the hacked user loads a website in Tor Browser, the malware is then able to spy on the traffic before it gets handed off to the Tor network to be anonymized. Last week the Tor Project published their own brief analysis of this capability. But Hacking Team had no capability against the Tor network itself; it could only spy on people if their computer was already infected by Hacking Team spyware.

What do you think? Comments?
