Party Vibe

Register

Welcome To

Intercept Publishes Hacking Team Manuals

Forums The Vibe Chat Intercept Publishes Hacking Team Manuals

  • This topic is empty.
Viewing 6 posts - 1 through 6 (of 6 total)
  • Author
    Posts
  • The Intercept has published, in full, the manuals for Hacking Teams stealth malware toolkit. It’s a very sophisticated piece of software that can infiltrate a vast array of systems and stealthily exfiltrate any type of date while providing remote access to the device it’s been installed on. At a cost of between 200,000-1,000,000 euros, most customers are governments but as this is a private company it’s available to anyone with the money, including countries that run oppressive regimes (I didn’t notice any bad countries mentioned in the article but a competitor, Germanys Finfisher certainly have) and it wields the sort of capabilities that the NSA (who may be a customer) use to spy on every person on earth. This sort of software is a prime example of why the NSA and buddies should not be making attempts to weaken critical software such as encryption algorithms and holding back from notifying vendors of zero days in their software so they have offensive capabilities, it shows that if NSA and co. can find the holes, so can others, making everybody a sitting duck.
    Article here: https://firstlook.org/theintercept/2014/10/30/hacking-team/
    Here’s a link to the leaked Finfisher doc that were shared/stolen by a good netizen: https://wikileaks.org/spyfiles/list/tags/gamma-finfisher-trojan.html
    Just goes to show that the people who are making the offensive tools are still vulnerable to the exact same attacks that they use.

    @Tryptameanie 572408 wrote:

    This sort of software is a prime example of why the NSA and buddies should not be making attempts to weaken critical software such as encryption algorithms and holding back from notifying vendors of zero days in their software so they have offensive capabilities, it shows that if NSA and co. can find the holes, so can others, making everybody a sitting duck.

    90% of the time NSA don’t even need to bother with stuff like backdooring crypto; and a lot of networking equipment used in larger installations has the surveillance facilities built it (they are often used for legitimate purposes such as indentifying faulty devices) but has weak security; and once you have physical access to a device or any part of the network it is on you can get at all sorts of data.

    has worked since analogue days (a German professor put up the circuit on his website (to hack an 1980s analogue telephone) and said “try it!” ) – I am listening to the oompah music inside the room where the phone is rather than the phone call (as i’m not answerinf the phone; it could be spies)

    https://www.youtube.com/watch?v=gcq7_JG6oGQ

    this is a special extra wire across those phone pairs; I can clip the test set to these and monitor what is on theese circuits although I’ve got a code to check all traffic from my mobile and auto record on some circuits

    https://www.youtube.com/watch?v=4T9GZPAqBZ8
    I had set up this business grade router for work in 2011 but mislaid the British Telecom paperwork with the passcodes (it needed a firmware upgrade) Although its config files are supposedly encrypted; the crypto is that week a python script can deal with it within a few seconds. It took me 5 minutes to obtain the data this way (far quicker than speaking to British Telecoms call centre and going through their security procedures)

    15030088139_42fc5401de_o.png
    it is not uncommon for me to have to hack embedded systems simply to check they are working as they should.

    I love reading your posts GL and wish I had even a fraction of your knowledge.

    TBH my tech skills are stuck somewhere in 1986/7; I often have to explain this to folk on some electronics and computer forums (I don’t have the attention span for the more complex stuff; and drugs didn’t help that aspect (though they may have made me think better for real life problem solving).

    Its not uncommon for me to “cheat” and use the training resources for teenagers/apprentices that the Germans, Dutch and Danish seem to share widely across their websites (as their profs are better at teaching to all age groups/abilities)

    And he’s modest as well:).


      Subscriber

      “”Just goes to show that the people who are making the offensive tools are still vulnerable to the exact same attacks that they use””
      I love such paradox issues:good_evil

    0

    Voices

    4

    Replies

    Tags

    This topic has no tags

    Viewing 6 posts - 1 through 6 (of 6 total)
    • You must be logged in to reply to this topic.

    Forums The Vibe Chat Intercept Publishes Hacking Team Manuals