|
The iPhone Wiki is no longer updated. Visit this article on The Apple Wiki for current information. |
Difference between revisions of "Hacking Team"
(noting chronic's opinions from twitter) |
(more context) |
||
| Line 3: | Line 3: | ||
== Remote Control System tool (requires jailbreak) == |
== Remote Control System tool (requires jailbreak) == |
||
| − | In June 2015, security researchers [http://www.wired.com/2014/06/remote-control-system-phone-surveillance/ published details about Hacking Team's iOS tool], discovered via reverse engineering it. This research [http://www.macworld.com/article/2944712/hacking-team-hack-reveals-why-you-shouldnt-jailbreak-your-iphone.html got confirmed in July 2015 by a data breach] that revealed Hacking Team's internal documentation and pricing for this tool and related tools. |
+ | In June 2015, security researchers [http://www.wired.com/2014/06/remote-control-system-phone-surveillance/ published details about Hacking Team's iOS spyware tool], discovered via reverse engineering it. This research [http://www.macworld.com/article/2944712/hacking-team-hack-reveals-why-you-shouldnt-jailbreak-your-iphone.html got confirmed in July 2015 by a data breach] that revealed Hacking Team's internal documentation and pricing for this tool and related tools. |
[https://drive.google.com/file/d/0B2q69Ncu9Fp_TF9XeFF3VFUwa2s/view The leaked "Remote Control System" documentation] includes on page 7 a description of the iOS tool: it requires a jailbreak, it's compatible with iOS 4-8.1, and it provides monitoring of chat (Skype, WhatsApp, and Viber), location, contacts, and list of calls. It costs about $55,000, purchased in conjunction with supporting tools and services. |
[https://drive.google.com/file/d/0B2q69Ncu9Fp_TF9XeFF3VFUwa2s/view The leaked "Remote Control System" documentation] includes on page 7 a description of the iOS tool: it requires a jailbreak, it's compatible with iOS 4-8.1, and it provides monitoring of chat (Skype, WhatsApp, and Viber), location, contacts, and list of calls. It costs about $55,000, purchased in conjunction with supporting tools and services. |
||
| − | + | This isn't too surprising, especially since other spyware tools for jailbroken iOS also exist - for example, there is a MSpy spyware tool distributed via the BigBoss repository, which consumers can buy for $10-15 dollars a month. With MSpy and other consumer-level spyware tools (there are several for iOS), you have to physically arrange for your target's phone to be jailbroken and then somebody has to manually install the tool. |
|
=== Hacking Team tools for jailbreaking devices === |
=== Hacking Team tools for jailbreaking devices === |
||
| + | Hacking Team's spyware tool also relies on a device being jailbroken with a publicly-available jailbreak tool (or perhaps a custom tool built on top of a publicly-available jailbreak). Jailbreaking iOS 6-8 requires that the device passcode is disabled during the jailbreaking process, and recent jailbreaks also require that Find My iPhone is turned off. |
||
| − | Hacking Team has other pieces of malware for OS X and iOS that they can combine to ease the process of jailbreaking the device and installing the spyware, probably with the help of [https://en.wikipedia.org/wiki/Phishing#List_of_phishing_types spearphishing] attacks and other kinds of social engineering attacks. |
||
| + | |||
| + | Hacking Team has other pieces of malware for OS X and iOS that they may be able to combine to ease the process of jailbreaking the device and installing the spyware, probably with the help of their expertise in [https://en.wikipedia.org/wiki/Phishing#List_of_phishing_types spearphishing] attacks and other kinds of [https://en.wikipedia.org/wiki/Social_engineering_(security) social engineering] attacks. |
||
[http://www.wired.com/2014/06/remote-control-system-phone-surveillance/ This Wired article about last year's security research] explains a little more: |
[http://www.wired.com/2014/06/remote-control-system-phone-surveillance/ This Wired article about last year's security research] explains a little more: |
||
| Line 17: | Line 19: | ||
<blockquote>"The iOS spy module works only on jailbroken iPhones, but agents can simply run a jailbreaking tool and then install the spyware. The only thing protecting a user from a surreptitious jailbreak is enabling a password on the device. But if the device is connected to a computer infected with Da Vinci or Galileo software and the user unlocks the device with a password, the malware on the computer can surreptitiously jailbreak the phone to install the spy tool."</blockquote> |
<blockquote>"The iOS spy module works only on jailbroken iPhones, but agents can simply run a jailbreaking tool and then install the spyware. The only thing protecting a user from a surreptitious jailbreak is enabling a password on the device. But if the device is connected to a computer infected with Da Vinci or Galileo software and the user unlocks the device with a password, the malware on the computer can surreptitiously jailbreak the phone to install the spy tool."</blockquote> |
||
| − | Hacking Team may also have tools that help crack passcodes on iOS devices, since security researchers have done some research on that. |
+ | Hacking Team may also have tools that help crack passcodes on iOS devices, since other security researchers have done some research on that. |
Will Strafach ([[User:ChronicDev]]) said on Twitter: |
Will Strafach ([[User:ChronicDev]]) said on Twitter: |
||
Revision as of 19:58, 7 July 2015
Hacking Team is a company that "sells offensive intrusion and surveillance capabilities to governments and law enforcement agencies", including iOS spyware tools. The iOS spyware tools appear designed for targeting/attacking specific people, not for broad surveillance of the public.
Remote Control System tool (requires jailbreak)
In June 2015, security researchers published details about Hacking Team's iOS spyware tool, discovered via reverse engineering it. This research got confirmed in July 2015 by a data breach that revealed Hacking Team's internal documentation and pricing for this tool and related tools.
The leaked "Remote Control System" documentation includes on page 7 a description of the iOS tool: it requires a jailbreak, it's compatible with iOS 4-8.1, and it provides monitoring of chat (Skype, WhatsApp, and Viber), location, contacts, and list of calls. It costs about $55,000, purchased in conjunction with supporting tools and services.
This isn't too surprising, especially since other spyware tools for jailbroken iOS also exist - for example, there is a MSpy spyware tool distributed via the BigBoss repository, which consumers can buy for $10-15 dollars a month. With MSpy and other consumer-level spyware tools (there are several for iOS), you have to physically arrange for your target's phone to be jailbroken and then somebody has to manually install the tool.
Hacking Team tools for jailbreaking devices
Hacking Team's spyware tool also relies on a device being jailbroken with a publicly-available jailbreak tool (or perhaps a custom tool built on top of a publicly-available jailbreak). Jailbreaking iOS 6-8 requires that the device passcode is disabled during the jailbreaking process, and recent jailbreaks also require that Find My iPhone is turned off.
Hacking Team has other pieces of malware for OS X and iOS that they may be able to combine to ease the process of jailbreaking the device and installing the spyware, probably with the help of their expertise in spearphishing attacks and other kinds of social engineering attacks.
This Wired article about last year's security research explains a little more:
"The iOS spy module works only on jailbroken iPhones, but agents can simply run a jailbreaking tool and then install the spyware. The only thing protecting a user from a surreptitious jailbreak is enabling a password on the device. But if the device is connected to a computer infected with Da Vinci or Galileo software and the user unlocks the device with a password, the malware on the computer can surreptitiously jailbreak the phone to install the spy tool."
Hacking Team may also have tools that help crack passcodes on iOS devices, since other security researchers have done some research on that.
Will Strafach (User:ChronicDev) said on Twitter:
- "condensed summary of avoiding HackingTeam malware: 1. always use latest iOS version 2. if you jailbreak, don't use AFC2, set strong SSH pw"
- "the funny part is, jailbreaking neuters other aspects of security that someone like HackingTeam could take advantage of. but they do not."
- "reason HT does not take advantage of smarter tricks is that they do not target jailbreakers, rather, they use jailbreaks on vuln devices"
- "this is all quite easy to find in their docs, it baffles me to see "don't jailbreak" as the solution. it is not _at all_ the solution."
- "they are very clear that their client is meant to jailbreak the device of the victim. meaning they need physical access to your iOS device."
- "some say HackingTeam could use malware to infect your computer to silently deploy the jailbreak, but there is zero proof of that in dump."
Newsstand keylogger tool (doesn't require jailbreak)
This MacWorld article reports that Hacking Team also has spyware that doesn't require a jailbreak, via misuse of developer certificates:
"Researchers have also found so far that Hacking Team has a legitimate Apple enterprise signing certificate, which is used to create software that can be installed by employees of a company who also accept or have installed a profile that allows use of apps signed by the certificate. It was shown last November that an enterprise certificate combined with a jailbroken iOS device could be used to bypass iOS protections on installing apps. Further, Hacking Team had developed a malicious Newsstand app that could capture keystrokes and install its monitoring software."
