Hacking Team Exploits Used By Chinese Cyber Attackers

Hacking Team Exploits Used By Chinese Cyber Attackers

Italian cybersecurity firm Hacking Team recently suffered an attack in which serious security flaws were exposed.

Now it is believed that hackers linked to China used those security exploits to attack companies in the aerospace and defense, energy, telecommunications and healthcare sectors, writes James Griffiths for The South China Morning Post.

Hayden Capital 2Q22 Performance Update

unnamed 12Hayden Capital's performance update for the second quarter ended June 30, 2022. Q2 2021 hedge fund letters, conferences and more Dear Partners and Friends, The markets continued to sell-off in the second quarter, especially for internet-based businesses.  This year continues to be the toughest stretch for us, since the Hayden’s inception.  Inflation concerns and the Read More

Hacking Team stockpiled security flaws

The hackers allegedly used tools which were stolen from Hacking Team, which sells surveillance software to authorities around the world.. The company lost 400 GB of data related to its core business of cyber security.

By maintaining a collection of flaws without informing the developers of affected programs, Hacking Team was vulnerable to an attack which would release knowledge of the security exploits to the wider hacking community.

In 2012 Reporters Without Borders called Hacking Team an “enemy of the internet” for selling surveillance tools to governments accused of human rights abuses. After it was hacked, many cybersecurity experts questioned why the company had not informed developers about the flaws.

The company stockpiled various so-called zero-day flaws, which had never been detected even by program developers. Their publication meant that hackers could use them to attack other targets.

Exploits used by hackers before developers could react

Security firm FireEye reports that it has noticed two Chinese hacking groups using Adobe Flash Player exploits.

“Zero-day exploits are extremely valuable to attack groups,” Bryce Boland, FireEye’s chief technology officer for Asia Pacific, told the South China Morning Post. “When we discover attackers using unknown exploits, we work with technology vendors to get them addressed quickly.”

He criticized the practice of stockpiling security flaws, saying that it “introduces a new risk that the exploits could be stolen and used by others.”

The hacking groups were able to carry out their attacks before Adobe issued a patch to fix the security flaw, which Hacking Team chief executive David Vincenzetti admitted to Italy’s La Stampa newspaper could be used by “terrorists [and] extortionists.”.

“Sufficient code was released to permit anyone to deploy the software against any target of their choice,” he said.

Although patches are expected to be released, there is no guarantee that everyone will download the updated versions. Users who continue to use older versions of software will still be at risk.

Updated on

While studying economics, Brendan found himself comfortably falling down the rabbit hole of restaurant work, ultimately opening a consulting business and working as a private wine buyer. On a whim, he moved to China, and in his first week following a triumphant pub quiz victory, he found himself bleeding on the floor based on his arrogance. The same man who put him there offered him a job lecturing for the University of Wales in various sister universities throughout the Middle Kingdom. While primarily lecturing in descriptive and comparative statistics, Brendan simultaneously earned an Msc in Banking and International Finance from the University of Wales-Bangor. He's presently doing something he hates, respecting French people. Well, two, his wife and her mother in the lovely town of Antigua, Guatemala. <i>To contact Brendan or give him an exclusive, please contact him at theflask@gmail.com</i>
Previous article AOF Management Joins The Cinedigm Noise
Next article Robert Robotti: What Attracted Us To Thai Equities

No posts to display