New Mac Malware Points to Return of Hacking Team

The controversial Italian intrusion and surveillance IT firm Hacking Team appears to be active again, according to security researchers who have identified a new kind of Mac malware. First submitted to the security analysis site VirusTotal on February 2, samples of the OS X malware reveal a number of hallmarks of Hacking Team code, said experts who have reviewed the code.

Founded by Italian programmers Alberto Ornaghi and Marco Valleri in 2003, Hacking Team has been widely criticized by privacy and civil rights advocates for selling its hacking and surveillance tools to governments with records of human rights abuses. The company was itself hacked in July, resulting in the release of 400 GB of e-mail conversations, internal files and source code.

In a post yesterday on his Mac OS X security blog, SentinelOne senior researcher Pedro Vilaça said he analyzed a new sample of OS X malware code that uses “more or less the same techniques as older Hacking Team RCS [remote control systems] samples.” He added that reverse engineering the sample shows that the code dates to October or November of last year, indicating new activity by Hacking Team after its massive data breach last summer.

Malware First Went Undetected

Analysis of the sample code shows it is “a very fresh sample compared with what we got in the past, it is a sample created post July 2015 hack, and it’s using the same code base as before,” Vilaça said. “HackingTeam is still alive and kicking.”

“The company was founded on the premise that security provided by law enforcement is an essential right, just as privacy is,” Rabe said. “Hacking Team has paid dearly for taking that position. Well-publicized attacks against the company have been aimed apparently at destroying it.”
