Analyzing an Off-the-Shelf Surveillance Software: Hacking Team Case Study

Warning

This publication doesn't include Faculty of Economics and Administration. It includes Institute of Computer Science. Official publication website can be found on muni.cz.
Authors

ŠPAČEK Stanislav ČELEDA Pavel DRAŠAR Martin VIZVÁRY Martin

Year of publication 2017
Type Article in Proceedings
Conference SPI 2017 - Security and Protection of Information 2017
MU Faculty or unit

Institute of Computer Science

Citation
Web https://is.muni.cz/repo/1382042/2017-SPI-hacking-team-case-study-paper.pdf
Field Informatics
Keywords Hacking Team; Remote Control System; KYPO Cyber Range; Advanced Persistent Threat; Malware Builder Kit
Attached files
Description In July 2015, a major distributor and developer of covert surveillance tools, Italian company Hacking Team, has been hacked. Due to the attack, nearly 400 GB of internal data leaked on sharing networks. The data contained the latest version of the surveillance software named Galileo, including full technical and user documentation. We use this opportunity to examine key features of surveillance software that was designed for governmental agencies and its specification was kept secret. In this paper, we deploy the system in an isolated virtual environment and test its behavior during a surveillance operation. We use collected information to classify the advancement level of Galileo among similar mass-spread malware and the advanced persistent threats tools. With the hindsight of nearly two years, it is also possible to evaluate the impact the data leak had.
Related projects:

You are running an old browser version. We recommend updating your browser to its latest version.