{
	"id": "ea25a217-7963-4b65-9d77-40f95b65e241",
	"created_at": "2026-04-06T00:13:28.461008Z",
	"updated_at": "2026-04-10T13:12:37.988287Z",
	"deleted_at": null,
	"sha1_hash": "01258ec767b056850f248e0c5a61f8825997ab01",
	"title": "HackingTeam",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 302324,
	"plain_text": "HackingTeam\r\nBy Contributors to Wikimedia projects\r\nPublished: 2014-04-21 · Archived: 2026-04-05 13:21:52 UTC\r\nFrom Wikipedia, the free encyclopedia\r\nHackingTeam\r\nIndustry Information technology\r\nFounded 2003\r\nFounders David Vincenzetti, Valeriano Bedeschi\r\nDefunct 2020\r\nFate Dissolved\r\nHeadquarters\r\nMilan\r\n,\r\nItaly\r\nProducts Software (IT-Security)\r\nBrands HackingTeam\r\nWebsite HackingTeam.it(offline)\r\nHacking Team was a Milan-based information technology company that sold offensive intrusion and surveillance\r\ncapabilities to governments, law enforcement agencies and corporations.[1] Its \"Remote Control Systems\" enabled\r\ngovernments and corporations to monitor the communications of internet users, decipher their encrypted files and\r\nemails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on\r\ntarget computers.[2] The company was criticized for providing these capabilities to governments with poor human\r\nrights records,[3] though HackingTeam stated that they have the ability to disable their software if it is used\r\nunethically.\r\n[4][5]\r\n The Italian government restricted their license to do business with countries outside Europe.[6]\r\nHackingTeam employed around 40 people in its Italian office, and has subsidiary branches in Annapolis,\r\nWashington, D.C., and Singapore.\r\n[7]\r\n Its products were in use in dozens of countries across six continents.[8]\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 1 of 13\n\nHackingTeam was founded in 2003 by Italian entrepreneurs Vincenzetti and Valeriano Bedeschi. In 2007 the\r\ncompany was invested by two Italian VC: Fondo Next and Innogest.[9]\r\nThe Milan police department learned of the company. Hoping to use its tool to spy on Italian citizens and listen to\r\ntheir Skype calls, the police contacted Vincenzetti and asked him to help.[10] HackingTeam became \"the first\r\nsellers of commercial hacking software to the police”.\r\nAccording to former employee Byamukama Robinhood, the company began as security services provider, offering\r\npenetration testing, auditing and other defensive capabilities to clients.[11] Byamukama states that as malware and\r\nother offensive capabilities were developed and accounted for a larger percentage of revenues, the organization\r\npivoted in a more offensive direction and became increasingly compartmentalized. Byamukama claims fellow\r\nemployees working on aspects of the same platform – for example, Android exploits and payloads – would not\r\ncommunicate with one another, possibly leading to tensions and strife within the organization.[11]\r\nIn February 2014, a report from Citizen Lab identified the organisation to be using hosting services from Linode,\r\nTelecom Italia, Rackspace, NOC4Hosts and bullet proof hosting company Santrex.\r\n[12]\r\nOn 5 July 2015 the company suffered a major data breach of customer data, software code, internal documents\r\nand e-mails. (See: § 2015 data breach)\r\nOn 2 April 2019 HackingTeam was acquired by InTheCyber Group to create Memento Labs.[13]\r\nProducts and capabilities\r\n[edit]\r\nHacking Team enables clients to perform remote monitoring functions against citizens via their RCS (remote\r\ncontrol systems), including their Da Vinci and Galileo platforms:[1]\r\nCovert collection of emails, text message, phone call history and address books\r\nKeystroke logging\r\nUncover search history data and take screenshots\r\nRecord audio from phone calls\r\nCapture audio and video stream from device memory to bypass cryptography of Skype sessions[14]\r\nUse microphones on device to collect ambient background noise and conversations\r\nActivate phone or computer cameras\r\nHijack telephone GPS systems to monitor target's location\r\nInfect target computer's UEFI BIOS firmware with a rootkit[15]\r\nExtract WiFi passwords[16]\r\nExfiltrate Bitcoin and other cryptocurrency wallet files to collect data on local accounts, contacts and\r\ntransaction histories[17]\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 2 of 13\n\nHackingTeam uses advanced techniques to avoid draining cell phone batteries, which could potentially raise\r\nsuspicions, and other methods to avoid detection.[18][19]\r\nThe malware has payloads for Android,\r\n[16]\r\n BlackBerry, Apple iOS, Linux, Mac OS X, Symbian, as well as\r\nMicrosoft Windows, Windows Mobile and Windows Phone class of operating systems.\r\n[20]\r\nRCS is a management platform that allows operators to remotely deploy exploits and payloads against targeted\r\nsystems, remotely manage devices once compromised, and exfiltrate data for remote analysis.\r\nUse by repressive governments\r\n[edit]\r\nHackingTeam has been criticized for selling its products and services to governments with poor human rights\r\nrecords, including Sudan, Bahrain, Venezuela, and Saudi Arabia.\r\n[21]\r\nIn June 2014, a United Nations panel monitoring the implementation of sanctions on Sudan requested information\r\nfrom HackingTeam about their alleged sales of software to the country in contravention of United Nations\r\nweapons export bans to Sudan. Documents leaked in the 2015 data breach of HackingTeam revealed the\r\norganization sold Sudanese National Intelligence and Security Service access to their \"Remote Control System\"\r\nsoftware in 2012 for 960,000 Euros.[21]\r\nIn response to the United Nations panel, the company responded in January 2015 that they were not currently\r\nselling to Sudan. In a follow-up exchange, HackingTeam asserted that their product was not controlled as a\r\nweapon, and so the request was beyond the scope of the panel. There was no need for them to disclose previous\r\nsales, which they considered confidential business information.[21]\r\nThe U.N. disagreed. \"The view of the panel is that as such software is ideally suited to support military electronic\r\nintelligence (ELINT) operations it may potentially fall under the category of 'military ... equipment' or 'assistance'\r\nrelated to prohibited items,\" the secretary wrote in March. \"Thus its potential use in targeting any of the\r\nbelligerents in the Darfur conflict is of interest to the Panel.\"[21][22]\r\nIn the fall of 2014, the Italian government abruptly froze all of HackingTeam's exports, citing human rights\r\nconcerns. After lobbying Italian officials, the company temporarily won back the right to sell its products abroad.\r\n[21]\r\nOn July 5, 2015, the Twitter account of the company was compromised by an unknown individual who published\r\nan announcement of a data breach against HackingTeam's computer systems. The initial message read, \"Since we\r\nhave nothing to hide, we're publishing all our e-mails, files, and source code ...\" and provided links to over 400\r\ngigabytes of data, including alleged internal e-mails, invoices, and source code; which were leaked via BitTorrent\r\nand Mega.\r\n[23]\r\n An announcement of the data breach, including a link to the bittorrent seed, was retweeted by\r\nWikiLeaks and by many others through social media.[24][25]\r\nThe material was voluminous and early analysis appeared to reveal that HackingTeam had invoiced the Lebanese\r\nArmy[26] and Sudan and that spy tools were also sold to Bahrain and Kazakhstan.\r\n[25]\r\n HackingTeam had\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 3 of 13\n\npreviously claimed they had never done business with Sudan.[27]\r\nThe leaked data revealed a zero-day cross-platform Flash exploit (CVE number: CVE-2015-5119.\r\n[28]\r\n The dump\r\nincluded a demo of this exploit by opening Calculator from a test webpage.[29][30][31] Adobe patched the hole on\r\nJuly 8, 2015.[32] Another vulnerability involving Adobe was revealed in the dumps, which took advantage of a\r\nbuffer overflow attack on an Adobe Open Type Manager DLL included with Microsoft Windows. The DLL is run\r\nin kernel mode, so the attack could perform privilege escalation to bypass the sandbox.\r\n[33]\r\nAlso revealed in leaked data was HackingTeam employees' use of weak passwords, including 'P4ssword',\r\n'wolverine', and 'universo'.[34]\r\nAfter a few hours without response from HackingTeam, member Christian Pozzi tweeted the company was\r\nworking closely with police and \"what the attackers are claiming regarding our company is not true.\"\r\n[35][36]\r\n He\r\nalso claimed the leaked archive \"contains a virus\" and that it constituted \"false info\".[37] Shortly after these tweets,\r\nPozzi's Twitter account itself was apparently compromised.[38]\r\nResponsibility for this attack was claimed by the hacker known as \"Phineas Fisher\" (or Phisher) on Twitter.\r\n[39]\r\nPhineas has previously attacked spyware firm Gamma International, who produce malware, such as FinFisher, for\r\ngovernments and corporations.[40] In 2016, Phineas published details of the attack, in Spanish and English, as a\r\n\"how-to\" for others, and explained the motivations behind the attack.[41][42]\r\nThe internal documents revealed details of HackingTeam's contracts with repressive governments.[43] In 2016, the\r\nItalian government again revoked the company's license to sell spyware outside of Europe without special\r\npermission.[6][44]\r\nUse by Mexican drug cartels\r\n[edit]\r\nCorrupt Mexican officials have helped drug cartels obtain state-of-the-art spyware (including Hacking Team\r\nspyware). The software has been used to target and intimidate Mexican journalists by drug cartels and cartel-entwined government actors.[45]\r\nHackingTeam's clientele include not just governments, but also corporate clients such as Barclays and British\r\nTelecom (BT) of the United Kingdom, as well as Deutsche Bank of Germany.\r\n[1]\r\nA full list of HackingTeam's customers were leaked in the 2015 breach. Disclosed documents show HackingTeam\r\nhad 70 current customers, mostly military, police, federal and provincial governments. The total company\r\nrevenues disclosed exceeded 40 million Euros.\r\n[46][47][48][49][50][51]\r\nOn Sep 8, 2021, SentinelLABS released a research report about a Turkish threat actor EGoManiac, that used\r\nRemote Control System (RCS), software from the Italian infosec firm Hacking Team, which was operated\r\nbetween 2010 and 2016 and campaign run by Turkish TV journalists at OdaTV for spying Turkish police.[52]\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 4 of 13\n\nOverview of Hacking Team customers\r\nCustomer Country Area Agency\r\nYear\r\nof\r\nfirst\r\nsale\r\nAnnual\r\nmaintenance\r\nfees\r\nTotal\r\nclient\r\nrevenues\r\nPolizia Postale e delle\r\nComunicazioni[53]\r\nItaly Europe LEA 2004 €100,000 €808,833\r\nCentro Nacional de\r\nInteligencia[54]\r\nSpain Europe Intelligence 2006 €52,000 €538,000\r\nInfocomm\r\nDevelopment\r\nAuthority of\r\nSingapore\r\nSingapore APAC Intelligence 2008 €89,000 €1,209,967\r\nInformation Office Hungary Europe Intelligence 2008 €41,000 €885,000\r\nCSDN Morocco MEA Intelligence 2009 €140,000 €1,936,050\r\nUPDF (Uganda\r\nPeoples Defense\r\nForce), ISO (Internal\r\nSecurity\r\nOrganization), Office\r\nof the President\r\nUganda Africa Intelligence 2015 €731,000 €920,197\r\nItaly - DA - Rental Italy Europe Other 2009 €50,000 €628,250\r\nMalaysian Anti-Corruption\r\nCommission\r\nMalaysia APAC Intelligence 2009 €77,000 €789,123\r\nPCM Italy Europe Intelligence 2009 €90,000 €764,297\r\nSSNS - Ungheria Hungary Europe Intelligence 2009 €64,000 €1,011,000\r\nCC - Italy Italy Europe LEA 2010 €50,000 €497,349\r\nAl Mukhabarat Al\r\nA'amah\r\nSaudi Arabia MEA Intelligence 2010 €45,000 €600,000\r\nIR Authorities\r\n(Condor)\r\nLuxembourg Europe Other 2010 €45,000 €446,000\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 5 of 13\n\nCustomer Country Area Agency\r\nYear\r\nof\r\nfirst\r\nsale\r\nAnnual\r\nmaintenance\r\nfees\r\nTotal\r\nclient\r\nrevenues\r\nLa Dependencia y/o\r\nCISEN[55] Mexico LATAM Intelligence 2010 €130,000 €1,390,000\r\nUZC[56]\r\nCzech\r\nRepublic\r\nEurope LEA 2010 €55,000 €689,779\r\nEgypt - MOD[56] Egypt MEA Other 2011 €70,000 €598,000\r\nFederal Bureau of\r\nInvestigation[57]\r\nUSA\r\nNorth\r\nAmerica\r\nLEA 2011 €100,000 €697,710\r\nOman - Intelligence Oman MEA Intelligence 2011 €30,000 €500,000\r\nPresident Security[58]\r\n[59]\r\nPanama LATAM Intelligence 2011 €110,000 €750,000\r\nTurkish National\r\nPolice\r\nTurkey Europe LEA 2011 €45,000 €440,000\r\nUAE - MOI UAE MEA LEA 2011 €90,000 €634,500\r\nNational Security\r\nService[56]\r\nUzbekistan Asia Intelligence 2011 €50,000 €917,038\r\nDepartment of\r\nDefense[57]\r\nUSA\r\nNorth\r\nAmerica\r\nLEA 2011 €190,000\r\nBayelsa State\r\nGovernment\r\nNigeria MEA Intelligence 2012 €75,000 €450,000\r\nEstado de Mexico Mexico LATAM LEA 2012 €120,000 €783,000\r\nInformation Network\r\nSecurity Agency\r\nEthiopia MEA Intelligence 2012 €80,000 €750,000\r\nState security (Falcon) Luxemburg Europe Other 2012 €38,000 €316,000\r\nItaly - DA - Rental Italy Europe Other 2012 €60,000 €496,000\r\nMAL - MI Malaysia APAC Intelligence 2012 €77,000 €552,000\r\nDirection générale de\r\nla surveillance du\r\nMorocco MEA Intelligence 2012 €160,000 €1,237,500\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 6 of 13\n\nCustomer Country Area Agency\r\nYear\r\nof\r\nfirst\r\nsale\r\nAnnual\r\nmaintenance\r\nfees\r\nTotal\r\nclient\r\nrevenues\r\nterritoire\r\nNational Intelligence\r\nand Security\r\nService[56]\r\nSudan MEA Intelligence 2012 €76,000 €960,000\r\nRussia - KVANT[60] Russia Europe Intelligence 2012 €72,000 €451,017\r\nSaudi - GID Saudi MEA LEA 2012 €114,000 €1,201,000\r\nSIS of National\r\nSecurity Committee of\r\nKazakhstan[56]\r\nKazakhstan Europe Intelligence 2012 €140,000 €1,012,500\r\nThe 5163 Army\r\nDivision (Alias of\r\nSouth Korean\r\nNational Intelligence\r\nService)[56][61][62]\r\nS. Korea APAC Other 2012 €67,000 €686,400\r\nUAE - Intelligence UAE MEA Other 2012 €150,000 €1,200,000\r\nCentral Intelligence\r\nAgency\r\nUSA\r\nNorth\r\nAmerica\r\nIntelligence 2011\r\nDrug Enforcement\r\nAdministration[57][63]\r\nUSA\r\nNorth\r\nAmerica\r\nOther 2012 €70,000 €567,984\r\nCentral Anticorruption\r\nBureau\r\nPoland Europe LEA 2012 €35,000 €249,200\r\nMOD Saudi Saudi MEA Other 2013 €220,000 €1,108,687\r\nPMO Malaysia APAC Intelligence 2013 €64,500 €520,000\r\nEstado de Querétaro Mexico LATAM LEA 2013 €48,000 €234,500\r\nNational Security\r\nAgency[56]\r\nAzerbaijan Europe Intelligence 2013 €32,000 €349,000\r\nGobierno de Puebla Mexico LATAM Other 2013 €64,000 €428,835\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 7 of 13\n\nCustomer Country Area Agency\r\nYear\r\nof\r\nfirst\r\nsale\r\nAnnual\r\nmaintenance\r\nfees\r\nTotal\r\nclient\r\nrevenues\r\nGobierno de\r\nCampeche\r\nMexico LATAM Other 2013 €78,000 €386,296\r\nAC Mongolia Mongolia APAC Intelligence 2013 €100,000 €799,000\r\nDept. of Correction\r\nThai Police\r\nThailand APAC LEA 2013 €52,000 €286,482\r\nNational Intelligence\r\nSecretariat[64]\r\nEcuador LATAM LEA 2013 €75,000 €535,000\r\nPolice Intelligence\r\nDirectorate[citation\r\nneeded]\r\nColombia LATAM LEA 2013 €35,000 €335,000\r\nGuardia di Finanza Italy Europe LEA 2013 €80,000 €400,000\r\nIntelligence[65] Cyprus Europe LEA 2013 €40,000 €375,625\r\nMidWorld[66] Bahrain MEA Intelligence 2013 €210,000\r\nMexico - PEMEX Mexico LATAM LEA 2013 €321,120\r\nMalaysia K Malaysia APAC LEA 2013 €0\r\nHonduras Honduras LATAM LEA 2014 €355,000\r\nMex Taumalipas Mexico LATAM 2014 €322,900\r\nSecretaría de\r\nPlaneación y Finanzas\r\nMexico LATAM LEA 2014 €91,000 €371,035\r\nAREA Italia Europe 2014 €430,000\r\nMexico Yucatán Mexico LATAM LEA 2014 €401,788\r\nMexico Durango Mexico LATAM LEA 2014 €421,397\r\nInvestigations Police\r\nof Chile\r\nChile LATAM LEA 2014 €2,289,155\r\nJalisco Mexico Mexico LATAM LEA 2014 €748,003\r\nRoyal Thai Army Thailand APAC LEA 2014 €360,000\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 8 of 13\n\nCustomer Country Area Agency\r\nYear\r\nof\r\nfirst\r\nsale\r\nAnnual\r\nmaintenance\r\nfees\r\nTotal\r\nclient\r\nrevenues\r\nVietnam GD5 Vietnam APAC 2014 €281,170\r\nKantonspolizei Zürich Switzerland Europe LEA 2014 €486,500\r\nVietnam GD1 Vietnam APAC LEA 2015 €543,810\r\nEgypt TRD GNSE Egypt MEA LEA 2015 €137,500\r\nLebanese Army Lebanon MEA LEA 2015\r\nFederal Police\r\nDepartment\r\nBrazil LATAM LEA 2015\r\nNational\r\nAnticorruption\r\nDirectorate\r\nRomania DNA Intelligence 2015\r\nState Informative\r\nService[67]\r\nAlbania Europe SHIK 2015\r\nDanish National\r\nPolice[68]\r\nDenmark Europe 2015 €570,000\r\nFinFisher\r\nMiniPanzer and MegaPanzer\r\nVupen – 0-day exploit provider linked to HackingTeam[69]\r\nMamfakinch – a citizen media organization targeted with malware allegedly developed by\r\nHackingTeam[70]\r\nFirst Wap\r\nPegasus\r\n1. ^ Jump up to: a\r\n \r\nb\r\n \r\nc\r\n Batey, Angus (24 November 2011). \"The spies behind your screen\". The Telegraph.\r\nArchived from the original on 6 October 2022. Retrieved 26 July 2015.\r\n2. ^ \"Enemies of the Internet: HackingTeam\". Reporters Without Borders. Archived from the original on 29\r\nApril 2014. Retrieved 24 April 2014.\r\n3. ^ Marczak, Bill; Gaurnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (17 February 2014).\r\n\"Mapping HackingTeam's \"Untraceable\" Spyware\". Citizen Lab. Archived from the original on 20\r\nFebruary 2014.\r\n4. ^ Kopfstein, Janus (10 March 2014). \"Hackers Without Borders\". The New Yorker. Archived from the\r\noriginal on 6 November 2018. Retrieved 24 April 2014.\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 9 of 13\n\n5. ^ Marquis-Boire, Morgan; Gaurnieri, Claudio; Scott-Railton, John; Kleemola, Katie (24 June 2014).\r\n\"Police Story: HackingTeam's Government Surveillance Malware\". Citizen Lab. University of Toronto.\r\nArchived from the original on 25 June 2014. Retrieved 3 August 2014.\r\n6. ^ Jump up to: a\r\n \r\nb\r\n Zorabedian, John (8 April 2016). \"HackingTeam loses global license to sell spyware\".\r\nNaked Security. Archived from the original on 6 June 2023. Retrieved 15 May 2016.\r\n7. ^ Human Rights Watch (25 March 2014). \"They Know Everything We Do\" Archived 3 May 2023 at the\r\nWayback Machine. Retrieved 1 August 2015.\r\n8. ^ Jeffries, Adrianne (13 September 2013). \"Meet HackingTeam, the company that helps the police hack\r\nyou\". The Verge. Archived from the original on 24 March 2016. Retrieved 21 April 2014.\r\n9. ^ \"Noi, i padri del cyber-007\". 2 December 2011. Archived from the original on 19 April 2019. Retrieved\r\n19 April 2019.\r\n10. ^ Jeffries, Adrianne (13 September 2013). \"Meet Hacking Team, the company that helps the police hack\r\nyou\". The Verge. Archived from the original on 24 March 2016. Retrieved 20 August 2021.\r\n11. ^ Jump up to: a\r\n \r\nb\r\n Farivar, Cyrus (20 July 2015). \"Hacking Team goes to war against former employees,\r\nsuspects some helped hackers\". Ars Technica. Archived from the original on 13 April 2019. Retrieved 11\r\nApril 2024.\r\n12. ^ \"HackingTeam's US Nexus\". 28 February 2014. Archived from the original on 12 July 2015. Retrieved 2\r\nAugust 2015.\r\n13. ^ \"Nasce Memento Labs\". 2 April 2019. Archived from the original on 19 April 2019. Retrieved 19 April\r\n2019.\r\n14. ^ Stecklow, Steve; Sonne, Paul; Bradley, Matt (1 June 2011). \"Mideast Uses Western Tools to Battle the\r\nSkype Rebellion\". The Wall Street Journal. Retrieved 26 July 2015.\r\n15. ^ Lin, Philippe (13 July 2015). \"HackingTeam Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target\r\nSystems\". TrendLabs Security Intelligence Blog. Trend Micro. Archived from the original on 6 May 2019.\r\nRetrieved 26 July 2015.\r\n16. ^ Jump up to: a\r\n \r\nb\r\n \"Advanced spyware for Android now available to script kiddies everywhere\" Archived 18\r\nApril 2019 at the Wayback Machine. Ars Technica. Retrieved 2 August 2015.\r\n17. ^ Farivar, Cyrus (14 July 2015). \"HackingTeam broke Bitcoin secrecy by targeting crucial wallet file\r\nArchived 17 April 2019 at the Wayback Machine\". Ars Technica. Retrieved 26 July 2015.\r\n18. ^ Schneier, Bruce. \"More on HackingTeam's Government Spying Software\". Archived from the original on\r\n31 October 2014. Retrieved 28 June 2014.\r\n19. ^ \"HackingTeam Tools Allow Governments To Take Full Control of Your Smartphone\". International\r\nBusiness Times UK. 24 June 2014. Archived from the original on 28 February 2019. Retrieved 15 May\r\n2016.\r\n20. ^ Guarnieri, Claudio; Marquis-Boire, Morgan (13 January 2014). \"To Protect And Infect: The\r\nmilitarization of the Internet\" Archived 23 June 2019 at the Wayback Machine. At the 30th Chaos\r\nCommunications Congress – \"30C3\". (Video or Audio). Chaos Computer Club. Retrieved 15 August 2015.\r\n21. ^ Jump up to: a\r\n \r\nb\r\n \r\nc\r\n \r\nd\r\n \r\ne\r\n Hay Newman, Lily (7 July 2015). \"A Detailed Look at HackingTeam's Emails About\r\nIts Repressive Clients\". The Intercept. Archived from the original on 7 March 2019. Retrieved 15 May\r\n2016.\r\n22. ^ Knibbs, Kate (8 July 2015). \"HackingTeam's Lame Excuse for Selling Digital Weapons to Sudan\".\r\nGizmodo. Archived from the original on 25 December 2017. Retrieved 15 May 2016.\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 10 of 13\n\n23. ^ \"Hacked Team (@hackingteam)\". Archived from the original on 6 July 2015. Retrieved 6 July 2015.\r\n{{cite web}} : CS1 maint: bot: original URL status unknown (link)\r\n24. ^ WikiLeaks [@wikileaks] (6 July 2015). \"Inside malware makers \"HackingTeam\": hundreds of gigabytes\r\nof e-mails, files, and source code\" (Tweet). Retrieved 6 July 2015 – via Twitter.\r\n25. ^ Jump up to: a\r\n \r\nb\r\n \"HackingTeam hacked: Spy tools sold to oppressive regimes Sudan, Bahrain and\r\nKazakhstan\". International Business Times. 6 June 2015. Archived from the original on 19 April 2019.\r\nRetrieved 6 July 2015.\r\n26. ^ HackingTeam on X\r\n27. ^ Ragan, Steve (5 July 2015). \"HackingTeam hacked, attackers claim 400GB in dumped data\". Retrieved 6\r\nJuly 2015.\r\n28. ^ \"Security Advisory for Adobe Flash Player\". helpx.adobe.com. Adobe Systems. 8 July 2015. Archived\r\nfrom the original on 9 July 2015. Retrieved 30 August 2016.\r\n29. ^ Khandelwal, Swati. \"Zero-Day Flash Player Exploit Disclosed In 'HackingTeam' Data Dump\". Archived\r\nfrom the original on 22 June 2019. Retrieved 6 July 2015.\r\n30. ^ Pi, Peter. \"Unpatched Flash Player Flaw, More POCs Found in HackingTeam Leak\". Archived from the\r\noriginal on 22 June 2019. Retrieved 8 July 2015.\r\n31. ^ \"WICAR test malware\". Archived from the original on 31 August 2019. Retrieved 16 May 2017.\r\n32. ^ \"Adobe Security Bulletin\". Archived from the original on 10 July 2015. Retrieved 11 July 2015.\r\n33. ^ Tang, Jack (7 July 2015). \"A Look at the Open Type Font Manager Vulnerability from the HackingTeam\r\nLeak\". Archived from the original on 14 April 2019. Retrieved 8 July 2015.\r\n34. ^ Whittaker, Zack. \"HackingTeam used shockingly bad passwords\". ZDNet. Archived from the original on\r\n12 February 2019. Retrieved 6 July 2015.\r\n35. ^ Christian Pozzi. \"unknown\". Archived from the original on 7 March 2021. Retrieved 6 July 2015 – via\r\nTwitter.\r\n36. ^ Christian Pozzi. \"unknown\". Archived from the original on 7 March 2021. Retrieved 6 July 2015 – via\r\nTwitter.\r\n37. ^ Christian Pozzi. \"unknown\". Archived from the original on 23 December 2020. Retrieved 6 July 2015 –\r\nvia Twitter.\r\n38. ^ \"Christian Pozzi on Twitter: \"Uh Oh - my twitter account was also hacked.\"\". 6 July 2015. Archived from\r\nthe original on 6 July 2015. Retrieved 6 July 2015.\r\n39. ^ Phineas Fisher [@gammagrouppr] (6 July 2015). \"gamma and HT down, a few more to go :)\" (Tweet) –\r\nvia Twitter.\r\n40. ^ Osbourne, Charlie. \"HackingTeam: We won't 'shrivel up and go away' after cyberattack\". ZDNet.\r\nArchived from the original on 5 July 2018. Retrieved 6 July 2015.\r\n41. ^ Hack Back — A DIY Guide (Hacking Team). 26 April 2017. Archived from the original on 8 January\r\n2024. Retrieved 8 January 2024.\r\n42. ^ \"How HackingTeam got hacked\". Ars Technica. 19 April 2016. Archived from the original on 18 June\r\n2017. Retrieved 15 May 2016.\r\n43. ^ \"A Detailed Look at HackingTeam's Emails About Its Repressive Clients\". The Intercept. 7 July 2015.\r\nArchived from the original on 7 March 2019. Retrieved 15 May 2016.\r\n44. ^ \"Hacking Team's Global License Revoked by Italian Export Authorities\". Privacy International. 8 April\r\n2016. Archived from the original on 5 May 2019. Retrieved 15 May 2016.\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 11 of 13\n\n45. ^ \"'It's a free-for-all': how hi-tech spyware ends up in the hands of Mexico's cartels\". TheGuardian.com. 7\r\nDecember 2020. Archived from the original on 24 February 2022. Retrieved 7 December 2020.\r\n46. ^ Kopstein, Justin (6 July 2015). \"Here Are All the Sketchy Government Agencies Buying HackingTeam's\r\nSpy Tech\". Vice Magazine. Archived from the original on 31 March 2019. Retrieved 5 May 2019.\r\n47. ^ Weissman, Cale Guthrie (6 July 2015). \"Hacked security company's documents show a laundry list of\r\nquestionable clients\". Business Insider. Archived from the original on 6 October 2019. Retrieved 5 May\r\n2019.\r\n48. ^ Ragan, Steve. \"In Pictures: HackingTeam's hack curated\". CSO Online (Australia). Archived from the\r\noriginal on 9 April 2019. Retrieved 5 May 2019.\r\n49. ^ Hern, Alex (6 July 2015). \"HackingTeam hacked: firm sold spying tools to repressive regimes, documents\r\nclaim\". The Guardian. Retrieved 22 July 2015.\r\n50. ^ Ragan, Steve (6 July 2015). \"HackingTeam responds to data breach, issues public threats and denials\".\r\nCSO Online. Archived from the original on 1 March 2019. Retrieved 22 July 2015.\r\n51. ^ Stevenson, Alastair (14 July 2015). \"A whole bunch of downed government surveillance programs are\r\nabout to go back online\". Business Insider. Archived from the original on 23 July 2015. Retrieved 22 July\r\n2015.\r\n52. ^ Stevenson, Alastair (8 September 2021). \"Hacking Team Customer in Turkey Was Arrested for Spying on\r\nPolice Colleagues [or: The Spy Story That Spun a Tangled Web]\". Zetter. Archived from the original on 4\r\nApril 2022. Retrieved 8 September 2021.\r\n53. ^ Jone Pierantonio. \"Ecco chi ha bucato HackingTeam\" Archived 6 August 2015 at the Wayback Machine.\r\nInternational Business Times. Retrieved 2 August 2015.\r\n54. ^ Ediciones El País (8 July 2015). \"HackingTeam: “Ofrecemos tecnología ofensiva para la Policía”\"\r\nArchived 18 December 2019 at the Wayback Machine. El País. Retrieved 2 August 2015.\r\n55. ^ \"The HackingTeam leak shows Mexico was its top client, but why?\" Archived 10 October 2019 at the\r\nWayback Machine. Fusion. Retrieved 2 August 2015.\r\n56. ^ Jump up to: a\r\n \r\nb\r\n \r\nc\r\n \r\nd\r\n \r\ne\r\n \r\nf\r\n \r\ng\r\n \"Leaked emails from security firm HackingTeam show government use -\r\nFortune\" Archived 20 July 2015 at the Wayback Machine. Fortune. Retrieved 2 August 2015.\r\n57. ^ Jump up to: a\r\n \r\nb\r\n \r\nc\r\n \"Leaked Documents Show FBI, DEA and U.S. Army Buying Italian Spyware\". The\r\nIntercept. Retrieved 2 August 2015.\r\n58. ^ \"HackingTeam's Equipment Got Stolen in Panama\". Motherboard. Retrieved 2 August 2015.\r\n59. ^ Molina, Thabata (13 August 2015). \"Panama to Investigate Martinelli in HackingTeam Spying Scandal\"\r\nArchived 27 June 2019 at the Wayback Machine. Panama Post. Retrieved 15 August 2015.\r\n60. ^ \"HackingTeam apparently violated EU rules in sale of spyware to Russian agency\" Archived 2 December\r\n2017 at the Wayback Machine. Ars Technica. Retrieved 2 August 2015.\r\n61. ^ \"How HackingTeam Created Spyware that Allowed the FBI To Monitor Tor Browser\" Archived 12 June\r\n2019 at the Wayback Machine. The Intercept. Retrieved 2 August 2015.\r\n62. ^ McGrath, Ben (25 July 2015). \"Further revelations in South Korean hacking scandal Archived 7 August\r\n2015 at the Wayback Machine\". World Socialist Web Site. Retrieved 26 July 2015.\r\n63. ^ \"The DEA Just Cancelled Its Contract With HackingTeam\" . Motherboard. Retrieved 2 August 2015.\r\n64. ^ * Ecuadorian Websites Report on Hacking Team, Get Taken Down, archived from the original on 20 July\r\n2019, retrieved 5 May 2019\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 12 of 13\n\nHacking Team Helped Ecuador Spy on Opposition Activist, archived from the original on 11\r\nNovember 2019, retrieved 5 May 2019\r\nCorrection: Ecuador-Hacking The Opposition story, 7 August 2015\r\n65. ^ In Cyprus (11 July 2015).Intelligence Service chief steps down Archived 2015-08-15 at the Wayback\r\nMachine. Retrieved 26 July 2015.\r\n66. ^ Bahrain Center for Human Rights (15 July 2015). \"HackingTeam's troubling connections to Bahrain\r\nArchived 21 July 2015 at the Wayback Machine\" IFEX. Retrieved 26 July 2015.\r\n67. ^ Lexime (14 July 2015). \"Burime të sigurta, SHISH përdor programet përgjuese që prej 2015.\r\nHackingTeams: Nuk e kemi nën kontroll sistemin! Archived 9 January 2020 at the Wayback Machine\"\r\n(video). BalkanWeb. Retrieved 27 July 2015.\r\n68. ^ \"Dansk politi køber overvågningssystem fra kontroversielt firma\". Information.dk. Dagbladet\r\nInformation. Archived from the original on 20 September 2021. Retrieved 10 October 2021.\r\n69. ^ HackingTeam: a zero-day market case study Archived 24 July 2015 at the Wayback Machine, Vlad\r\nTsyrklevich's blog\r\n70. ^ Perlroth, Nicole (10 October 2012). Ahead of Spyware Conference, More Evidence of Abuse Archived\r\n26 December 2017 at the Wayback Machine. The New York Times (Bits).\r\nOfficial website\r\nHackingTeam Archives - investigative reports published by The Citizen Lab\r\nSource: https://en.wikipedia.org/wiki/Hacking_Team\r\nhttps://en.wikipedia.org/wiki/Hacking_Team\r\nPage 13 of 13\n\nOn Sep 8, 2021, Remote Control SentinelLABS System (RCS), released a research software from the report about Italian infosec a Turkish threat firm Hacking actor EGoManiac, Team, which that used was operated\nbetween 2010 and 2016 and campaign run by Turkish TV journalists at OdaTV for spying Turkish police.[52]\n   Page 4 of 13   \n\n  https://en.wikipedia.org/wiki/Hacking_Team   \n5. ^ Marquis-Boire, Morgan; Gaurnieri, Claudio; Scott-Railton, John; Kleemola, Katie (24 June 2014).\n\"Police Story: HackingTeam's Government Surveillance Malware\". Citizen Lab. University of Toronto.\nArchived from the original on 25 June 2014. Retrieved 3 August 2014.  \n6. ^ Jump up to: a b Zorabedian, John (8 April 2016). \"HackingTeam loses global license to sell spyware\".\nNaked Security. Archived from the original on 6 June 2023. Retrieved 15 May 2016. \n7. ^ Human Rights Watch (25 March 2014). \"They Know Everything We Do\" Archived 3 May 2023 at the\nWayback Machine. Retrieved 1 August 2015.   \n8. ^ Jeffries, Adrianne (13 September 2013). \"Meet HackingTeam, the company that helps the police hack\nyou\". The Verge. Archived from the original on 24 March 2016. Retrieved 21 April 2014. \n9. ^ \"Noi, i padri del cyber-007\". 2 December 2011. Archived from the original on 19 April 2019. Retrieved\n19 April 2019.     \n10. ^ Jeffries, Adrianne (13 September 2013). \"Meet Hacking Team, the company that helps the police hack\nyou\". The Verge. Archived from the original on 24 March 2016. Retrieved 20 August 2021. \n11. ^ Jump up to: a b Farivar, Cyrus (20 July 2015). \"Hacking Team goes to war against former employees,\nsuspects some helped hackers\". Ars Technica. Archived from the original on 13 April 2019. Retrieved 11\nApril 2024.     \n12. ^ \"HackingTeam's US Nexus\". 28 February 2014. Archived from the original on 12 July 2015. Retrieved 2\nAugust 2015.     \n13. ^ \"Nasce Memento Labs\". 2 April 2019. Archived from the original on 19 April 2019. Retrieved 19 April\n2019.     \n14. ^ Stecklow, Steve; Sonne, Paul; Bradley, Matt (1 June 2011). \"Mideast Uses Western Tools to Battle the\nSkype Rebellion\". The Wall Street Journal. Retrieved 26 July 2015.  \n15. ^ Lin, Philippe (13 July 2015). \"HackingTeam Uses UEFI BIOS Rootkit to Keep RCS 9 Agent in Target\nSystems\". TrendLabs Security Intelligence Blog. Trend Micro. Archived from the original on 6 May 2019.\nRetrieved 26 July 2015.    \n16. ^ Jump up to: a b \"Advanced spyware for Android now available to script kiddies everywhere\" Archived 18\nApril 2019 at the Wayback Machine. Ars Technica. Retrieved 2 August 2015.  \n17. ^ Farivar, Cyrus (14 July 2015). \"HackingTeam broke Bitcoin secrecy by targeting crucial wallet file\nArchived 17 April 2019 at the Wayback Machine\". Ars Technica. Retrieved 26 July 2015. \n18. ^ Schneier, Bruce. \"More on HackingTeam's Government Spying Software\". Archived from the original on\n31 October 2014. Retrieved 28 June 2014.   \n19. ^ \"HackingTeam Tools Allow Governments To Take Full Control of Your Smartphone\". International \nBusiness Times UK. 24 June 2014. Archived from the original on 28 February 2019. Retrieved 15 May\n2016.     \n20. ^ Guarnieri, Claudio; Marquis-Boire, Morgan (13 January 2014). \"To Protect And Infect: The\nmilitarization of the Internet\" Archived 23 June 2019 at the Wayback Machine. At the 30th Chaos\nCommunications Congress-\"30C3\". (Video or Audio). Chaos Computer Club. Retrieved 15 August 2015.\n21. ^ Jump up to: a b c d e Hay Newman, Lily (7 July 2015). \"A Detailed Look at HackingTeam's Emails About\nIts Repressive Clients\". The Intercept. Archived from the original on 7 March 2019. Retrieved 15 May\n2016.     \n22. ^ Knibbs, Kate (8 July 2015). \"HackingTeam's Lame Excuse for Selling Digital Weapons to Sudan\".\nGizmodo. Archived from the original on 25 December 2017. Retrieved 15 May 2016. \n  Page 10 of 13",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia",
		"MISPGALAXY",
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://en.wikipedia.org/wiki/Hacking_Team"
	],
	"report_names": [
		"Hacking_Team"
	],
	"threat_actors": [
		{
			"id": "c91e335e-42be-48d9-96b5-ba56749a723b",
			"created_at": "2022-10-25T16:07:23.458346Z",
			"updated_at": "2026-04-10T02:00:04.616481Z",
			"deleted_at": null,
			"main_name": "CIA",
			"aliases": [
				"Central Intelligence Agency"
			],
			"source_name": "ETDA:CIA",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "a3687241-9876-477b-aa13-a7c368ffda58",
			"created_at": "2022-10-25T16:07:24.496902Z",
			"updated_at": "2026-04-10T02:00:05.010744Z",
			"deleted_at": null,
			"main_name": "Hacking Team",
			"aliases": [],
			"source_name": "ETDA:Hacking Team",
			"tools": [],
			"source_id": "ETDA",
			"reports": null
		},
		{
			"id": "e90c06e4-e3e0-4f46-a3b5-17b84b31da62",
			"created_at": "2023-01-06T13:46:39.018236Z",
			"updated_at": "2026-04-10T02:00:03.183123Z",
			"deleted_at": null,
			"main_name": "Hacking Team",
			"aliases": [],
			"source_name": "MISPGALAXY:Hacking Team",
			"tools": [],
			"source_id": "MISPGALAXY",
			"reports": null
		}
	],
	"ts_created_at": 1775434408,
	"ts_updated_at": 1775826757,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/01258ec767b056850f248e0c5a61f8825997ab01.pdf",
		"text": "https://archive.orkl.eu/01258ec767b056850f248e0c5a61f8825997ab01.txt",
		"img": "https://archive.orkl.eu/01258ec767b056850f248e0c5a61f8825997ab01.jpg"
	}
}