The Guardian reports that cybersecurity firm Hacking Team experienced a data breach on Monday, leading to 400 GB of its documents being leaked to the Internet. Among the documents are those confirming the firm’s ability to infiltrate and monitor jailbroken iPhones for government agencies, including those of repressive regimes.
Much has been speculated, both before and after Edward Snowden’s release of a trove of National Security Agency (NSA) documents in 2013, about the capabilities of the United States’ agencies as well as those of allies and enemies. The Hacking Team dump reveals quite a bit more about the routine functions of third-party suppliers to that ecosystem, including specifically enumerated capabilities.
iOS users should therefore take note that the long-running concern that jailbroken iPhones and iPads were susceptible to vulnerabilities that could include access by so-called state actors appears to be confirmed by the data breach.
While the Hacking Team’s software requires a jailbroken iPhone, the firm also has the ability to jailbreak a standard iPhone and infect the newly jailbroken device via a malware-infected trusted computer the iPhone syncs with.
The firm’s pricing list notes that hacking an iOS device costs €50,000 ($55,242), and includes monitoring of Skype, WhatsApp and Viber chats, location, contacts and lists of calls. Again, this does require a jailbroken device.
MacRumors notes Hacking Team uses a legitimate Apple enterprise signing certificate, such as that used by corporations to install software on an employee’s device, to bypass iOS app installation procedures. The firm also has the ability to create a malicious Newsstand app that could monitor keystrokes and other activity on the infected device.
In 2014, researchers working independently of each other at Kaspersky Lab and Citizen Lab reported they had discovered components of Hacking Team’s tools, and described how they were being used by government agencies to steal data from mobile devices.