If you’ve been following tech news, you may have heard of the massive hack against a spyware manufacturer, Hacking Team. The Milan, Italy-based software firm suffered a devastating server dump of over 400GB worth of data that has exposed nearly everything from within the company, including what some deem nefarious business practices.
Many countries’ governments, some with questionable human rights activities, employed Hacking Team’s spyware and other tools. Despite past denial of allegations that Hacking Team had provided such tools to governments like Sudan, the Hacking Team leak revealed otherwise.
Additionally, a few zero-day exploits have been discovered, which Hacking Team was utilizing. One of those exploits involved Adobe Flash (aren’t you glad it has been removed from the BlackBerry 10 browser?). It’s currently advised to disable Flash, until Adobe issues a patch.
Among the leaked files from Hacking Team’s servers were documents explaining pricing for their spyware tools and what could be compromised.
According to a leaked document, Hacking Team was able to compromise legacy BlackBerry OS. The company apparently charged € 30,000.00 for the tool, which allowed clients the license to infect BlackBerry OS with a Hacking Team agent. Interestingly, Hacking Team charged less for their BlackBerry OS exploit tool licensing than it did for iOS.
BlackBerry OS versions 4, 5, 6, and 7 are claimed to be supported by their tool. The leaked document revealed customers of the tool could gain access to a legacy BlackBerry’s files, camera photos, crypto currency transactions, Gmail and Outlook emails, Facebook chat and check-ins, as well as Skype calls and chats.
Nothing was mentioned of BBM. Fortunately, Hacking Team’s tool (at least according to the leaked document) did not support exploiting BlackBerry OS 10. If you’ve been holding onto that legacy device, you should immediately consider upgrading to BB10.
For now, this appears to be the only parts of BlackBerry that Hacking Team was able to compromise. If anymore information arises from the Hacking Team leak in regards to the privacy of BlackBerry users, we’ll be sure to make you aware.
*UPDATE* – The actual files of Hacking Team’s spyware tool to be used against BlackBerry OS have been published online. The files appear to show the company did in fact have a “BBM Injection” feature too. See the files here. It’s unclear if the “BBM Injection” feature can be used on BB10. Regardless, we still recommend getting the US$30/year BBM Protected plan for an extra layer of encryption.