Hacking Team hack: cybersecurity firm 'sold spying tools to oppressive regimes to let them spy on activists and journalists', hack claims

Sign up to our free weekly IndyTech newsletter delivered straight to your inbox

Sign up to our free IndyTech newsletter

Please enter a valid email address

Please enter a valid email address

SIGN UP

I would like to be emailed about offers, events and updates from The Independent. Read our privacy notice

Hacking Team, an Italian set of hackers that hires out its services to governments and other organisations, has been hacked. The documents taken in the attack have been leaked online, appearing to show the company’s dealings with a range of oppressive governments.

The hackers took the alleged files and distributed them through Hacking Team’s own channels — changing its Twitter account to “Hacked Team”, for instance, and sharing links to what appears to be all of the group’s files. Included in the 400GB torrent file download — which appeared to contain many of the firm’s most sensitive files — were lists from 2014 and 2015 that appeared to show all of its clients.

Two of those clients were marked “not officially supported”, including Sudan’s National Intelligence Security Service. Other countries listed in the spreadsheet are widely condemned as oppressive regimes, including the governments of Egypt, Azerbijan and Saudi Arabia.

The list also included major European and US governments and organisations. The 2015 list included government organisations in Luxembourg, Italy and Poland, and the FBI and Drug Enforcement Administration in the US.

The secretive company has been branded an “enemy of the internet” by Reporters Without Borders.

“Hacking Team describes its lawful interception products as "offensive technology" and has been called into question over deliveries to Morocco and the United Arab Emirates,” the organisation said. “The company’s ‘Remote Control System,’ called DaVinci, is able, it says, to break encryption on emails, files and Internet telephony protocols.”

Hacking Team itself has had little public response to the hack, and has not been available for comment. It is unclear whether any or all of the documents are genuine.

One member of its team briefly tweeted about the hack — trying to discourage people from downloading the leaked files by claiming that they included viruses — before his own Twitter was taken control of by the hackers.

"Since we have nothing to hide, we're publishing all our emails, files and source code," the hackers wrote in one of a number of posts on Hacking Team’s Twitter, many of which were written as if they had come from the group themselves.