Journalists, activists beware: government spyware tricks revealed in Hacker Team leak
Notorious global spying firm Hacking Team has been hacked and over 400 GB of internal documents and source code is revealing the nasty tricks they use, including stealing login data, emails, browser history, Skype calls, and even activating webcams and microphones on phones remotely.
This is particularly important for journalists as invoices suggest they sold products to nations with bad human rights records, like Sudan, Egypt, Russia, Ethiopia, and their software was used to attack journalists. (Of the 61 journalists confirmed killed in 2014, over half covered human rights issues.)
We will try to keep this list updated as security researchers pour over the massive leak.
Those with Macs should check their ~/Library/LaunchAgents folder.
#MacProTip: if you have the file com.apple.mdworker.plist in your ~/Library/LaunchAgents folder, you have #HackingTeam spyware installed
— Patrick Walsh (@zmre) July 6, 2015
Avoid jailbreaking your iPhone as the leaked documents reveal Hacking Team offered software to crack jailbroken iOS devices, allowing them to monitor Skype calls, WhatsApp messages, location settings, and contact lists.
You should go to "Settings -> General -> Keyboard -> Keyboards" and check if there is a keyboard with strange looking/empty keyboard name.
— Stefan Esser (@i0n1c) July 7, 2015
Those using the Flash plugin should beware, there is a Flash 0-day that HackingTeam is using that is currently unpatched, disable flash or enable Click-to-Run. If you’re using Windows XP, try Microsoft’s EMET 4.1.
Flash 0day from #HackingTeam with a nice readme. Works very well on Chrome etc. http://t.co/nfqck54YhT pic.twitter.com/8uAQuUIXGV
— webDEViL (@w3bd3vil) July 6, 2015
As always, update your software often, and use an antivirus. Please don’t say “just don’t open attachments.” It’s the job of journalists and activists to open strange attachments sent anonymously. Send us tips to tips@hopesandfears.com.