Hacking Team, a controversial Italian company that specialises in selling powerful surveillance software, has been colossally hacked. Included in a 400GB cache of files released publicly are alleged hotel bills, invoices from government agencies for computer exploits, passwords, and possibly even the source code for a number of the company’s products.
The company is famous for selling spying tech to everyone from the US Drug Enforcement Administration to authoritarian regimes in countries including Ethiopia. Now, details have emerged of Hacking Team’s relationship with the corporate sector, and in particular the finance industry.
In a PowerPoint presentation named “Finance Customers”, the logos of just under two dozen banks and insurance companies are presented. They include Deutsche Bank, one of Germany’s largest banks; Barclays, which operates in 50 different countries; and ING Direct, an Australian bank. Elsewhere in the hacked archive are details of products sold to these as well as other, smaller private companies.
It appears that the items or services sold are defensive in nature. Barclays received an internal review of its systems in 2011 for over 74,000 euros according to an invoice, and one document is a security audit carried out on behalf of Deutsche Bank, dating back to 2004. This took the form of an “Ethical Hacking” report, which is the product of a security company being hired to purposely try to break into a client’s systems, in order to gauge the strength of their defenses.