Attackers have compromised the network of Italian intrusion software vendor Hacking Team and released a large cache of the company’s private documents, including customer invoices that show sales to oppressive governments.
The incident came to light Sunday evening when unnamed attackers released a torrent with roughly 400 GB of data purported to be taken from Hacking Team’s network. Among the more potentially damaging documents made public are invoices showing that Hacking Team has sold its intrusion software to government agencies in countries known to have oppressive regimes, including Sudan, Ethiopia, and Egypt.
[...] Hacking Team officials have not released any official public statements about the attack yet.
As researchers and others have begun to look through the documents, they have found a number of significant things, aside from the invoices. Among the discoveries is the fact that Hacking Team has a legitimate Apple iOS developer certificate that expires next year. Another researcher found a handful of files that listed the VPS (virtual private server) servers used by Hacking Team, and published a list of the IP addresses for the servers.
