Difference between revisions of "Hacking Team"

From The iPhone Wiki
Jump to: navigation, search
(more context)
(more context)
Line 3: Line 3:
 
== Remote Control System tool (requires jailbreak) ==
 
== Remote Control System tool (requires jailbreak) ==
   
In June 2015, security researchers [http://www.wired.com/2014/06/remote-control-system-phone-surveillance/ published details about Hacking Team's iOS spyware tool], discovered via reverse engineering it. This research [http://www.macworld.com/article/2944712/hacking-team-hack-reveals-why-you-shouldnt-jailbreak-your-iphone.html got confirmed in July 2015 by a data breach] that revealed Hacking Team's internal documentation and pricing for this tool and related tools.
+
In June 2015, security researchers [http://www.wired.com/2014/06/remote-control-system-phone-surveillance/ published details about Hacking Team's iOS spyware tool], discovered via reverse engineering it. This research [http://www.macworld.com/article/2944712/hacking-team-hack-reveals-why-you-shouldnt-jailbreak-your-iphone.html got confirmed in July 2015 by a data breach] that revealed Hacking Team's internal documentation and pricing for this tool and related tools. (This was big news because the documents also had evidence that Hacking Team [http://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim sold these tools to repressive governments].)
   
[https://drive.google.com/file/d/0B2q69Ncu9Fp_TF9XeFF3VFUwa2s/view The leaked "Remote Control System" documentation] includes on page 7 a description of the iOS tool: it requires a jailbreak, it's compatible with iOS 4-8.1, and it provides monitoring of chat (Skype, WhatsApp, and Viber), location, contacts, and list of calls. It costs about $55,000, purchased in conjunction with supporting tools and services.
+
[https://drive.google.com/file/d/0B2q69Ncu9Fp_TF9XeFF3VFUwa2s/view The revealed "Remote Control System" documentation] includes on page 7 a description of the iOS tool: it requires a jailbreak, it's compatible with iOS 4-8.1, and it provides monitoring of chat (Skype, WhatsApp, and Viber), location, contacts, and list of calls. It costs about $55,000, purchased in conjunction with supporting tools and services.
   
This isn't too surprising, especially since other spyware tools for jailbroken iOS also exist - for example, there is a MSpy spyware tool distributed via the BigBoss repository, which consumers can buy for $10-15 dollars a month. With MSpy and other consumer-level spyware tools (there are several for iOS), you have to physically arrange for your target's phone to be jailbroken and then somebody has to manually install the tool.
+
Context for that tool is that other spyware tools for jailbroken iOS also exist - for example, there is a MSpy spyware tool distributed via the BigBoss repository, which consumers can buy for $10-15 dollars a month. With MSpy and other consumer-level spyware tools (there are several for iOS), you have to physically arrange for your target's phone to be jailbroken and then somebody has to manually install the tool.
   
 
=== Hacking Team tools for jailbreaking devices ===
 
=== Hacking Team tools for jailbreaking devices ===
   
Hacking Team's spyware tool also relies on a device being jailbroken with a publicly-available jailbreak tool (or perhaps a custom tool built on top of a publicly-available jailbreak). Jailbreaking iOS 6-8 requires that the device passcode is disabled during the jailbreaking process, and recent jailbreaks also require that Find My iPhone is turned off.
+
Hacking Team's spyware tool also relies on a device being jailbroken with a publicly-available jailbreak tool (or perhaps a custom tool built on top of a publicly-available jailbreak). Using public tools means that they have some of the same limitations as consumers: jailbreaking iOS 6-8 requires that the device passcode is disabled during the jailbreaking process, and recent jailbreaks also require that Find My iPhone is turned off.
   
 
Hacking Team has other pieces of malware for OS X and iOS that they may be able to combine to ease the process of jailbreaking the device and installing the spyware, probably with the help of their expertise in [https://en.wikipedia.org/wiki/Phishing#List_of_phishing_types spearphishing] attacks and other kinds of [https://en.wikipedia.org/wiki/Social_engineering_(security) social engineering] attacks.
 
Hacking Team has other pieces of malware for OS X and iOS that they may be able to combine to ease the process of jailbreaking the device and installing the spyware, probably with the help of their expertise in [https://en.wikipedia.org/wiki/Phishing#List_of_phishing_types spearphishing] attacks and other kinds of [https://en.wikipedia.org/wiki/Social_engineering_(security) social engineering] attacks.

Revision as of 20:23, 7 July 2015

Hacking Team is a company that "sells offensive intrusion and surveillance capabilities to governments and law enforcement agencies", including iOS spyware tools. The iOS spyware tools appear designed for targeting/attacking specific people, not for broad surveillance of the public.

Remote Control System tool (requires jailbreak)

In June 2015, security researchers published details about Hacking Team's iOS spyware tool, discovered via reverse engineering it. This research got confirmed in July 2015 by a data breach that revealed Hacking Team's internal documentation and pricing for this tool and related tools. (This was big news because the documents also had evidence that Hacking Team sold these tools to repressive governments.)

The revealed "Remote Control System" documentation includes on page 7 a description of the iOS tool: it requires a jailbreak, it's compatible with iOS 4-8.1, and it provides monitoring of chat (Skype, WhatsApp, and Viber), location, contacts, and list of calls. It costs about $55,000, purchased in conjunction with supporting tools and services.

Context for that tool is that other spyware tools for jailbroken iOS also exist - for example, there is a MSpy spyware tool distributed via the BigBoss repository, which consumers can buy for $10-15 dollars a month. With MSpy and other consumer-level spyware tools (there are several for iOS), you have to physically arrange for your target's phone to be jailbroken and then somebody has to manually install the tool.

Hacking Team tools for jailbreaking devices

Hacking Team's spyware tool also relies on a device being jailbroken with a publicly-available jailbreak tool (or perhaps a custom tool built on top of a publicly-available jailbreak). Using public tools means that they have some of the same limitations as consumers: jailbreaking iOS 6-8 requires that the device passcode is disabled during the jailbreaking process, and recent jailbreaks also require that Find My iPhone is turned off.

Hacking Team has other pieces of malware for OS X and iOS that they may be able to combine to ease the process of jailbreaking the device and installing the spyware, probably with the help of their expertise in spearphishing attacks and other kinds of social engineering attacks.

This Wired article about last year's security research explains a little more:

"The iOS spy module works only on jailbroken iPhones, but agents can simply run a jailbreaking tool and then install the spyware. The only thing protecting a user from a surreptitious jailbreak is enabling a password on the device. But if the device is connected to a computer infected with Da Vinci or Galileo software and the user unlocks the device with a password, the malware on the computer can surreptitiously jailbreak the phone to install the spy tool."

Hacking Team may also have tools that help crack passcodes on iOS devices, since other security researchers have done some research on that.

Will Strafach (User:ChronicDev) said on Twitter:

Newsstand keylogger tool (doesn't require jailbreak)

This MacWorld article reports that Hacking Team also has spyware that doesn't require a jailbreak, via misuse of developer certificates:

"Researchers have also found so far that Hacking Team has a legitimate Apple enterprise signing certificate, which is used to create software that can be installed by employees of a company who also accept or have installed a profile that allows use of apps signed by the certificate. It was shown last November that an enterprise certificate combined with a jailbroken iOS device could be used to bypass iOS protections on installing apps. Further, Hacking Team had developed a malicious Newsstand app that could capture keystrokes and install its monitoring software."