back to article Security world chuckles at Hacking Team’s 'virus torrent' squeals

Controversial spyware maker Hacking Team claims a torrent purporting to contain source code and other documents stolen from its systems is riddled with a "virus" – a claim laughed at by independent security experts in the industry. Some 400GB of Hacking Team's internal emails, source code, and other files were published via …

  1. Rushyo
    Trollface

    This goes without saying but:

    AHAHAHAHAHAHAHAHA

    1. Anonymous Coward
      Anonymous Coward

      Re: This goes without saying but:

      Now they can get a proper job.

      1. Anonymous Coward
        Anonymous Coward

        Re: This goes without saying but:

        Now they can get a proper job.

        They wouldn't be doing this if they could do a proper job (QED, actually). On reflection, having worked on this sort of technology (or, as it's known, the dark side of tech) is also not exactly the best kind of reference for another job IMHO. Unless for some shady government setup, of course.

        1. Rushyo

          Re: This goes without saying but:

          Hacking Team was formed off the back of the success of their dev's first product: ettercap. It's not like they don't know how to create good software.

  2. This post has been deleted by its author

    1. Anonymous Coward
      Anonymous Coward

      Not sure why you got the down vote, unless stating the bleeding obvious wasn't that obvious.

      Let me help.

      Company that writes viruses has source code stolen, therefore good chance the source code forthe companies viruses are also in therefore. By this fact you could say it contains viruses.

  3. Tom 38 Silver badge

    Selling malware to governments == good, selling malware to individuals == FBI's Most Wanted

    Ban encryption now!

    </sarcasm>

  4. Esme

    does "Haec hackers hiccough hocked" work (she asks, dimly trying to recall Latin lessons from four decades ago)?

  5. Anonymous Coward
    Anonymous Coward

    “Apparently the Italian equivalent of schadenfreude is gioia maligna,”

    What's the German equivalent of Schadenfreude, though?

    1. Anonymous Coward
      Anonymous Coward

      What's the German equivalent of Schadenfreude, though?

      :)

      It's "Hahahaha", but pronounced with a German accent.

      1. Camilla Smythe

        Possibly Misplaced Obligatory

        https://www.youtube.com/watch?v=ienp4J3pW7U

      2. ecofeco Silver badge

        "It's "Hahahaha", but pronounced with a German accent."

        Well played AC. Well played.

  6. iLuddite

    oh, cruel people

    Is there no sympathy for those who may lose their 'legitimate' business?

    1. This post has been deleted by its author

  7. Sir Runcible Spoon

    Sir

    "Critics argue that the tech is used by countries with patchy human rights records to spy on activists and journalists."

    or

    "Critics argue that the tech is used by countries with patchy human rights records to spy on activists and journalists."

    No caveat required really since they are all at it and recognise no limits to their surveillance.

    (Like GCHQ for example.)

    1. Evil Auditor

      Re: Sir

      Ergo countries with patchy human rights records.

      Yes, I'm also looking at you, Great Ol' Britain. From the somewhat safe distance of the formerly British now Chinese special administrative region...

      By the way, there are countries out there that still respect human rights. For now, at least, and if only for lack of resources.

    2. Anonymous Coward
      Big Brother

      Re: Sir

      Yep, just waiting for the NSA and GCHQ to show up with protest signs saying: "Je suis Hacking Team."

    3. Anonymous Coward
      Anonymous Coward

      Re: Sir

      I have no particular comment on Hacking Team,

      but in general their class of products - the Remote Access Trojan (RAT) - is a proportionate, targeted, data-collection device, which is aimed at a handful (or a hundred or two) of 'suspects' (for a given local definition of 'suspect' in the Sate of use)

      a RAT is quite well connected to a police/Law Enforcement/Intelligence need - and is almost the exact opposite of the 5-eyes bulk system, to get a RAT you need to primarily be a suspect, [OK, which in DE has historically been a Website Developer who knew an activist etc]

      At least we might have a debate, now an infomed debate, on the use of RATs or their diametrically opposite 'full-take' technology [store everybody's data-everything & data-mine for alleged crims, retrospectively, then do parallel construction, NSA, FBI, BAT etc]

      1. Anonymous Coward
        Anonymous Coward

        Re: Sir

        well, the RAT is supposed to be used against a legitimate target, but it seems Morocco is/was HT's third biggest customer and was using their RATs to see what the UN protection Force was up to:

        http://allafrica.com/stories/201507080731.html?viewall=1

        is this legit or not? after all, a State can do whatever it wants to, nyet?

    4. Michael Wojcik Silver badge

      Re: Sir

      No caveat required really since they are all at it and recognise no limits to their surveillance.

      No caveat required since "spy on activists and journalists" implies "patchy human rights record", except when it implies "abysmal human rights record". The Reg's original formulation is redundant.

  8. John Smith 19 Gold badge
    Unhappy

    A company that's all kinds of despicable.

    They write spyware but don't have the balls to sell it illegally

    They write spyware not in house to their government because of some perceived "national security" threat like NSA or GCHQ. You may not like the PoV but you accept it is one.

    Spyware writing X government con-tractor X Sell to any government as long as it is a government --> zero sympathy when you get hit and lots of ROFLMA comments.

    You live like a b**ch you die like a dog.

    1. Rushyo

      Re: A company that's all kinds of despicable.

      Oh, they were definitely selling it illegally. They lied to UN investigators repeatedly, saying they weren't involved in contracts which, according to the leaked files, they are. They also broke EU export laws RE: Russia.

      1. Anonymous Coward
        Anonymous Coward

        Re: A company that's all kinds of despicable.

        There's info on their illegal dealings over here including their email exchanges with Sudan, whom they testified to the UN they had nothing to do with.

        Time for them to promote Brian Trousers to head of PR?

      2. Mark 85 Silver badge
        Meh

        Re: A company that's all kinds of despicable.

        The only problem I see is: what's the UN going to do about it? Condemn or censure them?

        The UN really has no power. The very members of the UN were customers. Lies, lies, more lies, and politics.

        1. Anonymous Coward
          Anonymous Coward

          Re: A company that's all kinds of despicable.

          It's an Italian firm so my question is: "What's the EU going to do about it?" Mark85, I know we in the US shouldn't speak too loudly about this what with rejecting international institutions such as the ICC, but.... I thought the EU had a court just for Human Rights issues?Where are they on this?

          [Of course here in the US only US citizens have rights and we are not doing so well with our government either.] I know it's an established fact that the malware was used against activsts in the EU, e. g. Great Britain, so what's up with that? Then again looking over at GB, even unwritten Bill of Rights makes no nevermind either.

          I forsee a dark time rising whose end I know not will ever be found. Glad I'm gonna miss it and ain't got no kids (that I know of). European corps seem as lawless as US corps. I wonder who taught whom this.

  9. chivo243 Silver badge

    The torrent file?

    "The torrent file reportedly also includes login credentials and passwords for their support site for Egypt, Mexico and Turkey."

    I doubt the torrent file had this info... the torrented directory, ok.

    1. Michael Wojcik Silver badge

      Re: The torrent file?

      Nerds ... raging!

  10. oneeye

    Let the lawsuits begin! Can't imagine spending millions on software,only to have it nullified. There's could be death threats too,as I hear some of those "benevolent countries" have a low tolerance for embarassment.

  11. Roo
    Windows

    I'm waiting for the powers that be to put on their best Dean Wormer face tell us that hackers have been on "double secret probation" for the last decade.

    1. LucreLout

      I bet you don't get nearly as many upvotes as that deserves. Great movie.

      To paraphrase the Dean:

      Cut the horseshit, son. I've got their source files right here.

  12. Amorous Cowherder

    I take it now the truth is out, that they lied to the UN and traded with countries where they shouldn't ( ie Russia ) that the local Italian equivalent of Inspector Knacker will be having a word with the board of this nefarious little company?

    1. Anonymous Coward
      Anonymous Coward

      "that the local Italian equivalent of Inspector Knacker..."

      "will be having a word with the board of this nefarious little company?"

      molto più grande busta marrone, per favore.

      (much bigger brown envelope, please.)

  13. Destroy All Monsters Silver badge

    Pozzi denied selling malware, describing its wares as “custom software solutions” before his account was also seized.

    Wait, is this hack some sort of alien nanomachine blight?

    1. Anonymous Coward
      Anonymous Coward

      Sort of. Turns these prize security idjits, like HB Gary Federal, also like to reuse passwords. Ergo, with accounts info off the hack, all kinds of evil can be done to them.

  14. Anonymous Coward
    Anonymous Coward

    Pozzi

    It's the Italian for "wells", as in holes in the ground,and is the plural of pozzo, the name of a character in Waiting for Godot

    Very appropriate since his business has been about poisoning them.

    1. Hi Wreck

      Re: Pozzi

      Sheese - I read that as Ponzi, another despicable character. Ponzi was a "an Italian businessman and con artist" (wikipedia for Charles Ponzi).

      1. Michael Wojcik Silver badge

        Re: Pozzi

        Ponzi, another despicable character. Ponzi was a "an Italian businessman and con artist"

        Try reading something a little better researched than random Wikipedia articles before you call someone "despicable". Bulgatz's Ponzi Schemes, Invaders from Mars, & More - a sort of sequel to Mackay's Extraordinary Popular Delusions - has a popular treatment, for those afraid of real research.

        The best evidence suggests Ponzi sincerely believed his scheme1 was generating wealth for his investors. He was poorly educated and innumerate, and probably not capable of even basic bookkeeping on the necessary scale. Consequently once he started getting investors, he relied on advisers, who were the real crooks. Ponzi just knew the pile of cash kept getting bigger.

        1Arbitrage on international postal coupons.

  15. John Crisp

    Jajajajaja en Castellano.

    Or

    Jejejejeje

    :-)

  16. Anonymous Coward
    Anonymous Coward

    Starts to get sinister:

    Sources have appeared on Github: https://github.com/hackedteam

    It gets ugly quickly. Is the purpose of this code to frame people with child pornography?

    https://github.com/hackedteam/rcs-common/blob/master/lib/rcs-common/evidence/file.rb#L17

    They also appear to be using cracked versions of software, for example WinHEX

    1. ckdizz

      Re: Starts to get sinister:

      Most self-respecting nonces probably wouldn't call their files childporn.avi though.

      It's probably either trying to get people to execute the file, or maybe a social engineering tool to get the actual client access to the machine.

    2. Anonymous Coward
      Anonymous Coward

      Re: Starts to get sinister:

      There are also modules relating to bitcoin (and derivatives) and bitcoin etc wallets.

    3. Anonymous Coward
      Anonymous Coward

      Re: Starts to get sinister:

      > Sources have appeared on Github:

      ...and they've disappeared from Github.

    4. Anonymous Coward
      Anonymous Coward

      Re: Starts to get sinister:

      I hope that's the purpose. Once one paedo gets their conviction overturned because of this it will stop people supporting this kind of thing.

      1. David Black

        Re: Starts to get sinister:

        You mean when one unsafe conviction gets overturned on illegal evidence? I always had my doubts about "owning" of child pron materials on a machine as I'm sure most commentards here do... it is just so easy to plant through soooo many routes and this just proves the point.

        I have no truck with kiddy diddlers but knacker finds it much easier to go "there's a PC, it has child porn on, you're knicked kiddy diddler" and the jury and courts agree pretty much unquestioningly. Rather than gathering the evidence from the vulnerable victims about the vile acts most likely committed by a family friend or relative (this descends into brutal disragard for those victims if they are in our care system). If all these "cyber crimes" are seen as a bit unsafe in terms of conviction, maybe the cops might go back and do that nasty police work and really help victims rather than just add to the puddle of human misery.

        1. Anonymous Coward
          Anonymous Coward

          Re: Starts to get sinister:

          No, I'm talking about what you say. Real offenders getting let off because you can no longer prove beyond reasonable doubt who put the evidence there.

          1. Michael Wojcik Silver badge

            Re: Starts to get sinister:

            Real offenders getting let off because you can no longer prove beyond reasonable doubt who put the evidence there.

            The best possible outcome is that Blackstone's ratio finally wins over the witch hunters. It's a pity when the genuinely guilty can't be convicted, but we can only approach universal justice asymptotically, and it's still better than letting the innocent be framed.

            The French learned during the Terror that the police state, let off the leash, will eventually bite its handlers, as have others at other historical moments. Unfortunately that sort of lesson only sticks so long.

  17. Anonymous Coward
    Anonymous Coward

    "... claims the leak of sensitive internal material contains a virus ..."

    Adding insult to injury is usually something you do to others, not yourself.

    1. Anonymous Coward
      Anonymous Coward

      But this IS the 21st century. Everybody is doing it!

  18. Anonymous Coward
    Anonymous Coward

    good idea!

    1: Put blatantly suspiciously titled file on users pc

    2: raid the users premises on the basis of looking for illegal files

    3: Justify 2 on the basis you found the file you put there in step 1!

    1. ecofeco Silver badge

      Re: good idea!

      Happens every day. No joke.

  19. Potemkine Silver badge

    Enjoy

    It's so rare true justice is achieved on Earth, let's savour the moment...

    1. Anonymous Coward
      Anonymous Coward

      Re: Enjoy

      Sorry but true justice would involve the torture-murder of the scum at The Hacking Team. Actually talking with someone who's been the victim of these governments might lend depth to the evil of THT. "All that is required for evil to prosper is for good men to do nothing." Which begs the question. Does this make the hackers here Whitehats? I already have, in my so-called mind, that enough justice has yet to be done.

  20. ecofeco Silver badge

    Irony

    They haz it.

  21. Ol' Grumpy

    Probably just me but I'd be reluctant to buy anything from a company that calls itself "Hacking Team" - legitimate or not.

  22. John Savard Silver badge

    There's been a later development in this story; they're now admitting that some real and useful source code was leaked - and so now the terrorists can use their sophisticated surveillance tools against us!

    So they have taken up the challenge to pull the other leg, some will say.

    But instead of mocking that claim, I think we would be better off if we took it very seriously indeed... and went to Microsoft and demanded that they fix Windows so nobody, not terrorists, not hackers, not private surveillance companies, not even major governments, would be able to find and exploit vulnerabilities in Windows - because they will have finally gotten it right, and it will not have any of those any more.

    While still being an available and useful operating system, of course.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021