|
Title: 'Hacking Team' Data Breach Confirms Firm's Ability to Infiltrate Jailbroken iPhones Post by: HCK on July 07, 2015, 09:00:06 pm 'Hacking Team' Data Breach Confirms Firm's Ability to Infiltrate Jailbroken iPhones
Cybersecurity firm Hacking Team experienced a data breach earlier today, resulting in 400 GB of its documents being leaked onto the Internet, reports (http://www.theguardian.com/technology/2015/jul/06/hacking-team-hacked-firm-sold-spying-tools-to-repressive-regimes-documents-claim) The Guardian. The documents confirm Hacking Team's ability to infiltrate and monitor jailbroken iPhones on behalf of government law enforcement agencies like the NSA, as noted by (http://www.macworld.com/article/2944712/hacking-team-hack-reveals-why-you-shouldnt-jailbreak-your-iphone.html) Macworld. <img class="aligncenter size-full wp-image-456501" src="(http://cdn.macrumors.com/article-new/2015/07/hackingteam.png)" alt="hackingteam" width="800" height="213" /> Much has been speculated before and after Edward Snowden’s release of a trove of National Security Agency (NSA) documents in 2013 about the capabilities of the United States’ agencies as well as those of allies and enemies. The Hacking Team dump reveals quite a bit more about the routine functions of third-party suppliers into that ecosystem, including specifically enumerated capabilities.Hacking Team's software would need to be installed on a jailbroken iPhone, but the firm has the ability to jailbreak and infect a phone with its software via a malware-infected trusted computer the phone is connected to. In the firm's pricing list [PDF (https://drive.google.com/file/d/0B2q69Ncu9Fp_TF9XeFF3VFUwa2s/view), requires Chrome], it's revealed hacking an iOS device costs €50,000 ($55,242) and includes "features" like Skype, WhatsApp and Viber chats, location, contacts and lists of calls. However, this service also includes a prerequisite of a jailbroken iPhone. Hacking Team uses a legitimate Apple enterprise signing certificate, which is used by corporations to create software that can easily be installed on employee devices, combined with jailbroken iOS devices to bypass iOS app installation protections. Additionally, Hacking Team developed the ability to create a malicious Newsstand app that could capture keystrokes and install monitoring software. Last year, researchers working independently of each other at Kaspersky Lab and Citizen Lab discovered (http://www.wired.com/2014/06/remote-control-system-phone-surveillance/) components of Hacking Team's tools and how they were used by government agencies to steal data from mobile devices, but the full extent of the software hadn't been confirmed until now. Data breaching software and Apple devices have been in the news before, most famously in last year's celebrity iCloud data breach, where it was discovered (http://www.macrumors.com/2014/09/02/icloud-backups-vulnerable-to-hacking/) that hackers were using ElcomSoft Phone Password Breaker, software intended for government and law agencies, to steal usernames and passwords to access iCloud backups. While much of the discussion around government agencies and citizen data has revolved around mass collection, Hacking Team's software is designed to attack individual devices rather than a vast network. It's likely that the exploits detailed in Hacking Team's documents will be addressed and patched up in future iOS and Mac software updates. <small>Note: Due to the political nature of the discussion regarding this topic, the discussion thread is located in our Politics, Religion, Social Issues (http://forums.macrumors.com/forumdisplay.php?f=47) forum. All forum members and site visitors are welcome to read and follow the thread, but posting is limited to forum members with at least 100 posts.</small> Recent Mac and iOS Blog Stories • NBA Player Blames Elbow Injury on Larger-Screened iPhone (http://www.macrumors.com/2015/07/06/matt-bonner-tennis-elbow-iphone/) • How to Customize Apple TV to Show Only the Channels You Use (http://www.macrumors.com/how-to/customize-apple-tv-channels/) • 'World's First Swim App' on Apple Watch Put to the Test in New Video (http://www.macrumors.com/2015/07/06/worlds-first-swim-app-on-apple-watch/) • Using the Timer, Alarm, and Stopwatch Apps on Apple Watch (http://www.macrumors.com/how-to/apple-watch-timer-alarm-stopwatch/) • Apple Music Debuts Eminem's New Music Video, Announces Dr. Dre's Beats 1 Radio Show (http://www.macrumors.com/2015/07/03/apple-music-eminem-dre/) • TextBlade Update: An Inside Look at Production Troubles and New Info on Shipping Estimates (http://www.macrumors.com/2015/07/03/textblade-shipping-production-update/) • Video Review: Hands-On With Urban Armor Gear's iPad and iPhone 6 Plus Cases (http://www.macrumors.com/review/urban-armor-gear-iphone-and-ipad-cases/) • How to Troubleshoot Apps Overusing Energy in OS X (http://www.macrumors.com/how-to/troubleshoot-energy-heavy-apps-os-x/) <br clear='all'/> <a href="http://rc.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/rc/1/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/rc/1/rc.img" border="0"/>[/url] <a href="http://rc.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/rc/2/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/rc/2/rc.img" border="0"/>[/url] <a href="http://rc.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/rc/3/rc.htm" rel="nofollow"><img src="http://rc.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/rc/3/rc.img" border="0"/>[/url] <img src="http://da.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/a2.img" border="0"/> (http://da.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/a2.htm) <img src="http://adchoice.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/ach.img" border="0"/> (http://adchoice.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/ach.htm)<img width="1" height="1" src="http://pi.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/a2t.img" border="0"/><img width="1" height="1" src="http://pi2.feedsportal.com/r/233194318225/u/49/f/648327/c/35070/s/47e3b24f/sc/28/a2t2.img" border="0"/><img width='1' height='1' src='(http://rss.feedsportal.com/c/35070/f/648327/s/47e3b24f/sc/28/mf.gif)' border='0'/><div class="feedflare"> <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=yIl2AUoC8zA" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=8uOzQ1aS9MQ:O46Y5NKtL4s:yIl2AUoC8zA) <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=6W8y8wAjSf4" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=8uOzQ1aS9MQ:O46Y5NKtL4s:6W8y8wAjSf4) <img src="http://feeds.feedburner.com/~ff/MacRumors-Front?d=qj6IDK7rITs" border="0"></img> (http://feeds.macrumors.com/~ff/MacRumors-Front?a=8uOzQ1aS9MQ:O46Y5NKtL4s:qj6IDK7rITs) </div><img src="http://feeds.feedburner.com/~r/MacRumors-Front/~4/8uOzQ1aS9MQ" height="1" width="1" alt=""/> Source: 'Hacking Team' Data Breach Confirms Firm's Ability to Infiltrate Jailbroken iPhones (http://www.macrumors.com/2015/07/06/hacking-team-jailbroken-iphone/) |