Hacking Team was established in 2003 in Milan, Italy. The company claims that it sells its products and services exclusively to law enforcement agencies and governments. Its name started emerging in 2012 when The Citizen Lab published a report about the use of its product, Remote Control System, for targeting Moroccan journalists and the Emirati human rights defender, Ahmed Mansour, whose personal computer was penetrated by sending an email with a malware attachment, after clicking on it the device and email account were penetrated. The same happened to the Moroccan journalists. What focused lights on Hacking Team and its activities, however, was a huge, 400 GB, leak of the company’s data in 2015. The leaks included electronic correspondence, clients’ files, and financial documents. They have shown the delas in effect between the company and many MENA countries. Among these are Egypt, Saudi Arabia, Bahrain, and UAE. The leaks also exposed a deal with the Egyptian Ministry of Defense, of 598,000 Euros, in addition to another deal of 58,000 Euros with an Egyptian company named GNSE Group. The Saudi General Intelligence Agency contracted the company in a deal of 600,000 Euros, in addition to a deal with the Emirati Ministry of Interior of 634,000 Euros.
This leak has greatly affected the company and its ability to attract clients. In April 2019 it was acquired by InTheCyber Group and turned into Memento Labs.
Country of Origin
Washington DC, USA
Works with governments
Software and Equipment
Remote Control System
Type of Attack
Adobe Flash, Microsoft Office, Skype
Targeting specific users
Windows – macOS – Android – IOS
Oman, Saudi Arabia, UAE, Egypt, Morocco, Sudan
Technical Specifications of Software and Equipment
Hacking Team produces and sells Remote Control System. A report by The Citizen Lab about the system revealed that in case the targeted person’s device is penetrated it is possible through the Remote Control System to access and extract data and information on the mobile like the address book, used applications, correspondents, passwords, calls record and data, screenshots, recording calls, recording audio through the microphone, device location, and visited Internet addresses. This is accomplished by planting a file on the targeted device. The planted file has 1 GB of storage for the extracted data.
There are there ways to plant a file through which the targeted device can be remotely controlled: first by direct planting using a USB stick or a memory card; second, using a Wi-Fi network; third, which is the one used more often, by sending an email depending on social engineering, which has a malware attachment, once clicked the software is installed on the targeted device.