At 3:15 Italian time on July 5, 2015, a normally quiet Twitter account of the notorious spyware company Hacking Team posted a strange message:
Since we are not hiding, we publish emails, files, and source code.
The company, and its Twitter account, were violated.
The tweet included a link to a torrent file of 400 gigabytes that contained all sensitive internal files: corporate emails, documents, contracts, spreadsheets, and spyware source code.
Even at first glance, it was a catastrophic breach. So when the journalists began the examination of the files they discovered Hacking Team's list of controversial clients, hacking techniques and the company's relationship with authorities and government intelligence.
The hacker had Phineas Fisher as a pseudonym. It was the man who hacked the hackers, and to this day has not been revealed and apparently will not be revealed if he does not want it.
Last July, an Italian judge decided that the investigation into who had violated the Hacking Team had to be terminated, arguing that there was no longer anything else to investigate.
For the investigating authorities, the hacking techniques used by the hacker were nuclear physics.
More than three years after the Hacking Team breach, we still don't know who was really behind the keyboard. After inspiring a whole new generation of hackers, Phineas Phisher disappeared and didn't report a hack for more than two years.
But now we know, more about how he entered the Hacking Team systems. Hacking Team founder and chief executive, David Vincenzetti, did not want to update his software, which Phineas Fisher took advantage of, and was able to attack an outdated system.
In December last year, prosecutors called for the case to be closed, arguing that they followed all the procedures and could not solve the mystery of Phineas Fisher's identity. So in early July of 2018, research was terminated.
"I am glad to hear that they have stopped their pointless investigation, which was mainly used as a tool by Vincenzetti to harass his former employees who did not like him." said Phineas Fisher on the Motherboard, referring to Hacking Team's efforts to blame former employees.
Court documents obtained by Motherboard reveal that the original entry point into Hacking Team's network was an outdated firewall system protections in a virtual private network. According to company sources, system administrators had installed a newer firewall, but Vincenzetti refused to upgrade his. (An email confirms that the VPN was left for “a few exceptions.”)
"Only one user used it and therefore it was not deactivated. […] Vincenzetti has the ultimate responsibility ", said a former employee of the Hacking Team, who was still in the company on the day of the hack.
Another former official said the VPN and firewall were outdated "because [Vincenzetti] could not be bothered to install a software update."
Phineas Fisher's original break-in took place on May 22, 2015, about six weeks before he put the stolen files online. Since then the hacker has been monitoring Hacking Team's network, and managed to breach the computers of the two system administrators on June 6, the same day he stole 290 gigabytes data.
On June 21, Phineas Fisher was able to access the source code, which was within a development network - the most sensitive part of the company - thanks to a "bridge" system installed between dev and the commercial network, according to court documents.
This bridge, according to workers in the Hacking Team, was installed because the managers did not want to go to another floor to work. With the bridge, they could manage the dev network remotely.
"If it were not for this system, Phineas Fisher would never have reached the dev internal network," said a former employee.
To avoid capture, Phineas Fisher used anonymous links with Tor, other proxies, and VPNs that had been filled with Bitcoin (other hacked) hack.
I'm glad to hear they have stopped their pointless research.
Bitcoin is relatively easy to detect, so it used stolen to pay for servers. This allowed Phineas Fisher to remain anonymous, according to court documents.
"I am ready to go to prison if necessary, but I prefer to remain free and active. "It is not surprising that I will not be caught," said Phineas Fisher. "With some basic precautions it is possible to remain anonymous on the internet."
_____________________
- StopUpdates10 stops on Windows 10 updates
- Subs4free block: the answer and alternative links
- Cinnamon 4.0 stable: just released
- Facebook: attention only sends friendship requests!
- Google because it's hard to believe it
