Hacked surveillance company Hacking Team just told customers to watch out for 'terrorists' using its products
Hacking Team made the claim in a public statement, warning customers sufficient amounts of its products' source code was leaked during the breach for hackers to effectively use them.
"Hacking Team's investigation has determined that sufficient code was released to permit anyone to deploy the software against any target of their choice. Before the attack, Hacking Team could control who had access to the technology which was sold exclusively to governments and government agencies," read the statement.
"Now, because of the work of criminals, that ability to control who uses the technology has been lost. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so."
Hacking Team offered no evidence terrorist groups are actually using its services.
Hacking Team were breached over the weekend when a group of hackers successfully stole and posted online 400GB of stolen data.
The data included the source code of its surveillance products, customer details, internal emails and employees' personal details.
Controversially, the leaks also suggested Hacking Team has dealings with some of the countries hosting the terrorist groups it references in its statement.
Specifically, the leaks have also lead to concerns Hacking Team is selling its surveillance products to countries international organisations, including the United Nations, NATO, European Parliament, and the US have blacklisted.
The leaks also included some of the vulnerabilities Hacking Team's products were using to infect victim systems and spy on people.
These have included exploits for jailbroken iPhones, Android tablets and smartphones and a previously undiscovered Adobe Flash vulnerability.
The Flash flaw caused ripples in the security community as common cyber criminals began using it to spread a nasty form of malware, known as CryptoWall.
CryptoWall is a blackmail focused malware that locks people out of their machines and demands payment to return access. Adobe has released a patch update fixing the flaw.
F-Secure security Advisor Sean Sullivan told Business Insider, while Team Hacking's statement is over the top, the Flash attacks prove businesses should begin protecting themselves from the leaked exploits.
"There is no lack of hyperbole in their statement, but this part is very true: Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so," he said.
"We've already seen a leaked Flash exploit integrated into malware exploit kits. (Others.) The crimeware ecosystem will undoubtedly take advantage of the available source code and it is quite likely that some IS extremists will as well."
Prior to Team Hacking's warning FBI director James Comey listed terrorist groups, such as the Islamic State's (IS), use of online services as proof of need for fresh legislation controlling companies' use of end-to-end encryption in a public statement earlier this week.
- A SpaceX flight attendant said Elon Musk exposed himself and propositioned her for sex, documents show. The company paid $250,000 for her silence.
- WazirX receives 1023 requests for data from law enforcement in October-March 2022
- Elon Musk was dating Amber Heard and finalizing a divorce around the time he's said to have sexually harassed a SpaceX flight attendant
- Researchers develop a virus that works even when iPhone is switched off
- Supreme Court of India extends time for submitting Pegasus probe report
- Chopper services launched in Goa for tourists, locals
- Both Ambuja Cements and ACC are bet worth investing with strong parent Adani
- Reserve Bank to pay ₹30,307 crore dividend payment to Centre for FY22