Italy is not a country one usually thinks of when they think of hackers or even IT in general. With its perennially slow growing economy and focus on traditional businesses, like wine and sport cars, there are not a lot of startup tech companies there as compared to other places. Nor are there many startup criminal hacker enterprises either, such as one finds in nearby Romania. But Italy is home to one of the most important professional hacking companies used by governments, known simply as Hacking Team. They call their product Galileo.
The company makes no secret of who their target customers are. They headline their website with with “The Hacking Suite for Governmental Interception,” underlining that with, “We believe that fighting crime should be easy: we provide effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.”
Usually espionage firms keep a low profile. But The Hacking Team was shoved into the public limelight by one highly embarrassing data leak. In 2015, a hacker stole internal emails and their valuable source code and put it on bittorrent sites.
The hacker named Phineas Fisher stole an incredible 400 GB of files and hacker into their Twitter account. This is the same hacker who hacked into the German intelligence hacking firm Gamma, who writes the highly effective million dollar Finfisher exploit set of tools. They have no website, preferring to be secret like an intelligence firm should be.
The hacker gained access by hacking the accounts of system administrators at Hacking Team. That just stress the point that people with root access to file systems do not need access to all repositories as it exposes a company to this risk. None of the company’s data was encrypted either. Ouch. That is two black eyes for a company who is supposed to know about such things.
The leak led Abode and other vendors to quickly rush to fix security weaknesses in their software that Hacking Team had been exploiting.
WikiLeaks has indexed their emails in a searchable archive here. Journalists and others went through all those emails and showed that Hacking Team had been working with repressive governments, like Saudi Arabia, as well as those that are not repressive, like, Chile, as well as the USA. You can see that list on Wikipedia here.
That article says Hacking Team got its start when the Italian government approached two Italian programmers, Alberto Ornaghi and Marco Valleri, who wrote Ettercap, which is used to spy on Skype phone calls. The government wanted the programmers to modify the program to put it to other use.
Now the source code for Ettercap is public source. You can download it here from Github. The site says it can be used for man-in-the-middle attacks. No one has updated it since 2014.
If you download it and look at the README it tells you something rather clever. They explain that when you use a tool like this to do packet sniffing it does not matter what order the packets are in, as you can read them anyway. Here is how they explain that:
Aoccdrnig to rscheearch at an Elingsh uinervtisy, it deosn't mttaer in waht oredr the ltteers in a wrod are, the olny iprmoetnt tihng is taht the frist and lsat ltteer are in the rghit pclae.
They then go on to explain how to exploit bridged networks and use other techniques to set up a man-in-the-middle attack. All of this should be required reading for those of you who want to learn more about how to protect yourself from such mischief.