
This Free Tool Can Tell If Hacking Team’s Exploits Crawled Into Your System

This week, IT security software firm Rook Security released a free tool that can sniff out malware leaked from Milan’s Hacking Team, a clandestine group that sells surveillance and malignant software to governments, law enforcement and other private clients worldwide.

Ironically, the Italian firm that helps governments spy on citizens itself fell victim to a cyberattack earlier this month that spilled 400GB of data into the wild.


The attackers, who may have been ex-employees, released torrent files that span internal documents, source code, and emails with detailed customer information. Rook created its Milano tool specifically to sniff out Hacking Team’s exploits and rein in a threat that’s now out in the open.

Why Stockpiling Malware Is A Bad Idea

“This breach has been very unique in nature and challenging for security technology vendors to obtain code samples to create signatures and patches, thereby leaving scores of systems potentially vulnerable to nefarious actors seeking to weaponize Hacking Team’s once proprietary tools,” said J.J. Thompson, CEO of Rook, in a press statement.

Rook has been working with the Federal Bureau of Investigation, specifically its Cyber Task Force in Indianapolis, to zero in on Hacking Team’s exploits.

The firm’s new tool, called “Milano,” digs into target systems, performing either a quick scan in a few seconds or a more comprehensive inspection taking up to an hour. The software hunts for files matching “hashes” (file fingerprints) connected to the Italian company’s security breach. It doesn’t appear to cover every single potential attack: so far, it spans hashes for 40 Windows executable and library files, but more could come through future updates.
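To make the hash-matching idea concrete, here is an added sketch of a hash-based file scanner; it is not Rook's code and not part of the original article. The use of SHA-256, the extension filter standing in for a "quick" scan, and all file names and contents are assumptions constructed for the illustration.

```python
import hashlib
import os
import tempfile

def sha256_file(path, chunk=1 << 20):
    """Hash a file in chunks so large binaries are not read into memory at once."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def scan(root, bad_hashes, extensions=(".exe", ".dll")):
    """Return sorted paths under root whose SHA-256 is in bad_hashes.

    With an extension filter only likely binaries are hashed (fast);
    extensions=None hashes every file (slow, but catches renamed copies).
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if extensions and not name.lower().endswith(extensions):
                continue
            path = os.path.join(dirpath, name)
            try:
                if sha256_file(path) in bad_hashes:
                    hits.append(path)
            except OSError:
                continue  # locked or unreadable file: skip it, keep scanning
    return sorted(hits)

def demo():
    # Constructed stand-in bytes, not a real sample from the leak.
    sample = b"MZ constructed stand-in for a flagged binary"
    bad = {hashlib.sha256(sample).hexdigest()}
    files = {
        "known.dll": sample,              # exact copy: detected
        "renamed.dat": sample,            # same bytes, unusual extension
        "patched.dll": sample + b"\x00",  # one byte appended: new hash
        "clean.exe": b"MZ benign",
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in files.items():
            with open(os.path.join(root, name), "wb") as f:
                f.write(data)
        quick = [os.path.basename(p) for p in scan(root, bad)]
        deep = [os.path.basename(p) for p in scan(root, bad, extensions=None)]
    return quick, deep

if __name__ == "__main__":
    print(demo())
```

The modified copy is missed by both scans, which is why a hash list only covers the exact files it was built from.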

More than Hacking Team’s own confidential information is at stake. Over the course of its work, the company unearthed security holes in technologies ranging from Adobe to Facebook, and many others. Both companies patched the holes in the affected Flash plugin and osquery tool, respectively.

Hacking Team had discovered or had been working on a variety of exploits for everything from software to online services to drone-based Wi-Fi surveillance tools. It often took advantage of “zero-day” vulnerabilities, which are holes that the vendors don’t even know they have. When zero-day attacks go out, they often do damage before companies even know what hit them. 

What You Can Do About It

The reach of the group’s stash of work could be extensive, affecting developers and other partners, as well as users on a global basis. 

Rook said it moved swiftly to respond to the threat. “After our Intelligence Team quickly deduced how the leaked code could be weaponized and used for harm, we immediately put a team in place to identify, analyze, and detect malicious files located in this data,” said Thompson. 

Milano is available for download on this page. More from Rook about the tool, including a technical overview, can be found here.


Epilogue: One RW reader on Twitter couldn’t help but note that Rook’s solution may not be much better than the problem: 

https://twitter.com/cliffsull/status/623573943245479936

https://twitter.com/cliffsull/status/623574471501324288

There’s no hard evidence indicating that the feds could use Milano for their own purposes. However, given the surveillance era we live in, it wouldn’t be a huge stretch to believe that may be possible. IT managers and other system administrators would do well to consider all the potential risks. 
