1 REMOTE CONTROL SYSTEM version 7.0 A Stealth, Spyware-Based System for Attacking, Infecting and Monitoring Computers and Smartphones. Full intelligence.


1 REMOTE CONTROL SYSTEM version 7.0. A Stealth, Spyware-Based System for Attacking, Infecting and Monitoring Computers and Smartphones. Full intelligence on target users even for encrypted communications (Skype, PGP, secure web mail, etc.). www.hackingteam.it

2 What the press says (Financial Times, The Economist): “Governments must have IT offensive capabilities”; “The new frontier of intelligence is cyberspace”; “Spy on suspected terrorists by inserting a remote forensic agent on their computers”

3 Financial Times

4 The Economist

5

6 Introduction

7 Hacking Team Ltd. HT is a 100% Italian company founded in 2003 by Valeriano Bedeschi and David Vincenzetti with the ambition of being one of the market references in penetration testing (Ethical Hacking) services in Italy. In 2004 the company developed a unique solution for attacking, infecting and remotely controlling targets (PCs, Macs, smartphones of different types). In order to finance such a solution we completed a first round of financing in 2007 by: Innogest Sgr, the leading Italian VC fund (€80M under management); Finlombarda Sgr, the main regional VC fund in Lombardy.

8 Hacking Team, financials. Huge market traction; first mover advantage; market leader; rapid growth to market dominance; financially very strong. 2009 results (Actual, YoY): Revenues: +37%; EBITDA: +147%; EBIT: +121%

9 Our Offer. Remote Control System: a comprehensive IT offensive security system for remotely attacking, infecting and controlling PCs and smartphones. Hacking Team’s educational and technical support services.

10 RCS – a few key metrics. More than 20 customers are currently using our solution in 5 different continents and 15 countries. More than 4000 active investigations as at today (estimated). In order to guarantee optimal performance, strong development since inception with: 25 patches finalized since product launch; more than 20 new modules released.

11 Skype is a nightmare for LEAs. IT offensive security represents a new and highly innovative technology. It’s growing very fast because of phenomena such as terrorism, industrial espionage and insider trading. Advanced use of the Internet by terrorists makes LEAs increasingly nervous. Example: the exponential growth of encrypted VoIP communications (Skype claims millions of users) by residential and business users is a nightmare for LEAs.

12 Why IT offensive security. Cyber space is a very attractive place for criminals: it’s cheap, quick and easy to access. IT offensive security systems can be complementary to more traditional passive IT monitoring solutions. Governments need to have both defensive and offensive (IT) capabilities.

13 IT offensive security. Operational scenarios: 1. “Standard” criminal investigation (evidence gathering) performed by Government Organizations such as Police and Anticorruption (LEAs). 2. Intelligence gathering activities performed by Security Agencies for fighting serious crime and terrorism.

14 Remote Control System. Remote Control System is an IT stealth investigative tool for LEAs and security agencies. It allows passive monitoring and active control of all data and processes on selected target devices. E.g., uploading and stealthily executing programs on target, or destroying the target. Such devices might or might not be connected to the Internet.

15 Functionalities

16 PC: Monitoring and Logging. Remote Control System can monitor and log any action performed on the target personal computer: web browsing; opened/closed/deleted files; keystrokes (any UNICODE language); printed documents; chat, email, instant messaging; remote audio spy; camera snapshots; VoIP conversations (e.g. Skype); …

17 PC: architectures. Windows XP; Windows 2003; Windows Vista; Windows 7; Mac OS X (Leopard 10.x)

18 Smartphones: Monitoring and Logging. Remote Control System can monitor and log any action performed on the target smartphone: call history; address book & calendar; email messages; chat/IM messages; SMS/MMS interception; localization (cell signal info, GPS info); remote audio spy; camera snapshots; voice calls interception; …

19 Smartphones: architectures. Windows Mobile 5; Windows Mobile 6; Windows Mobile 6.5; iPhone OS 2.x; iPhone OS 3.x; Symbian S60 3rd edition; BlackBerry OS 4.5

20 Clear technology & product roadmap to market dominance. Q1 2011, Q2 2011, Q3 2011, Q4 2011. Linux Injection Proxy Appliance Symbian

21 Key Features

22 Key features. Invisibility: anti-viruses, anti-spywares, anti-rootkits, anti-keyloggers cannot detect our product ► It is resistant to all products in 2009 Gartner Endpoint Security Magic Quadrant (Gartner is likely the most respected name in IT research worldwide). Flexibility: advanced logic based on event/action paradigm ► Send data only when the target is away ► Activate microphone only when inside a given location ► and many more... Advanced installation: can be installed locally or remotely by means of various attack vectors.

23 Key features. Robustness & Scalability: the solution can scale up to unlimited numbers of targets and each investigation can be assigned to different teams. Integration with LI platforms: it can be integrated with existing investigation platforms. Data can be automatically forwarded to them once they arrive at our Collection Node. Uniformed management: a single console to configure the agents, perform data analysis, configure the attack vectors, manage the users and monitor the system. Privilege separation: each user/group can be granted different privileges and assigned to different activities.

24 Key features. Stealthiness: the Collection Node can be hidden behind a chain of anonymizers which can be easily changed on the fly. Data mining: evidences can be easily retrieved and visualized performing advanced filtering on collected data. Alerting: you can be alerted when sensitive data arrives in the system ► E.g. you were waiting for a particular password to be recorded or a particular file to be opened on an encrypted volume.

25 Attack Vectors

26 Local (hands-on) attack. (Boot from) USB key/CD-ROM. Physical hard-drive extraction and low-level direct access by another PC. Encrypted disk? → Evil Maid Attack! PC running and locked by screensaver? → Kill screensaver! Protected by DeepFreeze-like restoration technology? → Make RCS permanent infection!

27 Remote attacks, 1/3. You know your target’s email only → Send spoofed e-mail with “special attachment” ► E.g., .PDF, .PPT, .DOC, .MOV, etc. Attachment is composed of exploit + RCS backdoor. Attachment creation totally automatic and transparent to the user. > 50 zero day and non-zero day exploits guaranteed available by means of integrated RCS Exploit Portal.

28 Remote attacks, 2/3. You can access your target’s network or your target’s ISP → Use RCS Injection Proxy. Proprietary patent-pending technology. Handles network speeds till 10G/bits! Infects targets on the fly, automagically!

29 Remote attacks, 3/3. You have other intelligence information about your target → Use RCS Support Portal. Social engineering support provided by means of secure channel. Active 24x7x365.

30 Use cases

31 Voice Communications. Issue: the targets are using encrypted VoIP to communicate. The VoIP agent is able to record audio before the encryption and after the decryption. The microphone agent can be used to record the surroundings even if the target is not using the computer to communicate.

32 Encrypted chat. Issue: the target is using a third party encryption plugin (such as OTR) over common chat protocols (MSN, Yahoo!, Gtalk, Skype). The chat agent is able to capture data before the encryption and after the decryption. You don’t have to worry about encryption anymore.

33 PGP Encrypted data. Issue: passive interception can record data, but cannot decrypt it. The file capture agent can be used to retrieve the private keyring of the target. The keylog agent can be used to view the passphrase for the private keyring. Recorded data can now be decrypted.

34 Webmail interception. Issue: modern webmails are really a mess to be decoded on LI platform (ajax & co.). The URL agent can make a screenshot of the visited page (incoming emails). The keylog agent can be used to capture outgoing emails while the user is writing. The clipboard agent can capture the body if it is copy-and-pasted (PGP tray).

35 Deepfrozen Internet Café PCs. Issue: rootkits don’t survive reboot of DeepFreezed computers. Our solution is DeepFreeze resistant. Just install it.

36 Final words

37 Why trusting HT? Reputation: our software has been widely deployed and is used for national security issues worldwide. No remote access to data from HT: the infrastructure is totally at customer’s site. No “hidden features” inside: you can have a full source code walk–through.

38 How we can help you. Delivery on-site; Site Acceptance Test; product training; advanced training; on-site assistance; Support Portal; Exploit Portal

39 mailto: info@hackingteam.it

