Hacking Team is an Italian company specializing in surveillance software who have just learned the hard way what it’s like when the tables are turned. Sunday, the company became the victims of a hack from unknown attackers who have released 400GB of data via a Torrent claimed to be from Hacking Team’s dark, private vaults.

As a vendor of spyware and intrusion services, Hacking Team became infamous for their privacy disrupting means when Reporters Without Borders added the company to their index of “The Enemies of the Internet.” The services Hacking Team sells are described as lawful interception products and “offensive technologies.”

The company also claims not to sell to oppressive regimes… However, as CSO Online reported yesterday, the 400GB of leaked data from Hacking Team appears to tell a different story. This has led to a flurry of interest from the media and the Internet community in general–more on this below.

The hackers who hit Hacking Team also took to Twitter to deface the company’s account with a new bio, a new logo, and published images revealing the compromised data.

Photo by Skley

400GB of pure, unadulterated schadenfreude

The Hacking Team claims that it does not work with oppressive political regimes when selling its government-level surveillance software and services…however, the leaked data appears to tell a slightly different story.

Christopher Soghoian from CSO Online took a look at the Torrent data released by the hackers and thinks that it suggests that Hacking Team’s client base may include countries such as South Korea, Kazakhstan, Saudi Arabia, Oman, Lebanon, and Mongolia.

Just from Torrent File listing, Hacking Team’s customers includes South Korea, Kazakhstan, Saudi Arabia, Oman, Lebanon, and Mongolia.

— Christopher Soghoian (@csoghoian) July 6, 2015

Then researchers broke open with an even bigger list of potential clients—including an invoice to Egypt for 58,000 Euro selling the company’s RCS Exploit Portal. So far, the known clients revealed in the data leak include:

Egypt, Ethiopia, Morocco, Nigeria, Sudan, Chile, Colombia, Ecuador, Honduras, Mexico, Panama, United States, Azerbaijan, Kazakhstan, Malaysia, Mongolia, Singapore, South Korea, Thailand, Uzbekistan, Vietnam, Australia, Cyprus, Czech Republic, Germany, Hungary, Italy, Luxemburg, Poland, Russia, Spain, Switzerland, Bahrain, Oman, Saudi Arabia, and the UAE.

Not all of these countries could be described as “oppressive regimes,” but some of them most certainly could.

Computer security researcher Bruce Schneier dubbed Hacking Team “a pretty sleazy company” in his blog post about the hack detailing his known knowledge of Reporters Without Borders previous encounters as well as Citizen Lab publishing reports on the company’s bad actions.

News about the hack and the data within the leak continues to pile up

The Guardian and Wired have both written their own reveals on the information available from the 400GB leak. No doubt, heads are already rolling in Italy over this one.

For those readers curious about the data released the Torrent is available at Mega (and here’s a mirror.) There is also a repository containing the Torrent’s source code data at GitHub.

Readers who want to catch up on commentary can visit Slashdot and Hacker News to see what other members of the Internet security and geek community think about the leaks as well for even more up-to-date news.

photo credit: Voxphoto via photopin cc