An individual who did work for Hacking Team was in contact with hackers working for a terrorist organization, and disgruntled employees—who deny the charge—were planning to sell an antidote to the spyware vendor’s surveillance software, an Italian newspaper reported Friday.
A general in the Italian foreign intelligence service (AISE), identified as “G” in internal emails published by WikiLeaks three weeks ago, told Hacking Team CEO David Vincenzetti that “an ex-collaborator of Hacking Team is working with foreign hackers who collaborate with terrorist organizations,” according to Il Fatto Quotidiano.
Hacking Team, a Milan-based company that sold surveillance software to law enforcement agencies around the world and was criticized for helping oppressive regimes crack down on their political opponents, suffered a disastrous security breach at the beginning of July, with 400 GB of confidential information eventually dumped online.
Two employees had left the company and were suspected of planning to market their own antidote to HT’s “Galileo” Remote Control System, which exploited zero day vulnerabilities to monitor the devices of targeted individuals, the paper said. Among potential customers for the anti-HT technology were two Pakistani businessmen, who were prepared to invest US $500,000 in the venture, it said.
Il Fatto identified the two former employees and said both were recently questioned by Milan public prosecutor Alessandro Gobbis, at their own request, and both have denied any plans to sell tools to counter HT’s spyware.
In one email Vincenzetti describes one as a senior Windows developer and “capable of creating a small software able to detect our backdoor in the Windows environment”. The person suspected of terrorist links was one of the most senior developers for Android. If the two were to collaborate, Vincenzetti wrote, “the antidote could be effective for the two most widely used operating systems in the world.”
Another secret service officer, a colonel identified in the emails as “C”, asked Vincenzetti for a detailed account of the suspects’ activities while at HT, to provide him with “a summary description of the damage that the two might cause to Hacking Team.”
Public exposure of Hacking Team’s activities has interfered with Italian police anti-terrorism investigations, in one case forcing authorities to bring forward planned arrests, the head of the police, Alessandro Pansa, told a parliamentary committee responsible for secret service oversight, on Thursday.
Police were using HT software to monitor the computers of Lassad Briki, a Tunisian, and Muhammad Waqase, from Pakistan, who were arrested July 22 on suspicion of planning a terrorist attack on a joint U.S.-Italian military air base at Ghedi in northern Italy. Those arrests were brought forward because of the public exposure of HT’s spyware, Pansa told the committee.
Some suspects activated anti-virus protection after learning of Hacking Team’s law enforcement activities, and surveillance operations were suspended out of concern that suspects, aware they were being monitored, would disseminate false leads, Pansa said.
HT surveillance technology was also being used to target corruption in the civil service and organized crime, the police chief said. It had been in use by the Italian police since 2004.
Attempts to obtain comment from Hacking Team on Friday evening were unsuccessful.