Saturday, March 23, 2019
Home / Security / Information / Milan hacking team relying on U.S. based servers

Milan hacking team relying on U.S. based servers

An Italian spyware agency, whose resources foreign governments apparently have used to snoop on dissidents and reporters, depends on servers of U.S. companies, as outlined by a new report from Citizen labs.

The report stated 20 percent of the hosts utilized by clients of the Hacking group, headquartered in Milan, are located in the United States, successfully making the businesses that own those hosts key nodes within a network of spyware servers, based on a report released today by Citizen Lab, located at the University of Toronto’s Munk School of world Affairs.

The usa had been the location of the single major concentration of Hacking Team servers discovered since May 2012, in accordance with the researchers. Of the 555 machines discovered worldwide, the researchers learned that 80 belonged to Linode, a New Jersey firm, and that 40 of those were servers located in the United States.

With Citizen Lab’s assistance, a human rights activist in Dubai found that his computer have been infected using the Italian firm’s software. His e-mail had been read despite his password being changed. In Morocco, computers owned by a team of journalists critical of the government were compromised utilizing the same spyware.

“What we’ve tried to do here is unravel Hacking Team’s labyrinthine hidden collection structure that they use to hide government spying globally,” stated Morgan Marquis-Boire, a senior researcher at Citizen Lab.

The report went on to state that the group used servers “disguised as the websites of US companies, including a small New York-based financial services firm related to an SEC investigation, a small Oregon newspaper, and ABC News.  We believe that the disguises were designed to mislead targets if they discovered that their systems were communicating with these servers.  Thus, we believe that the targets of the the spyware in these instances had some familiarity with these companies.”

Linode, in addition to Texas firm Rackspace, were the cloud-hosting organizations most often linked to the Team.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …