Earlier this month, as a part of the massive breach at the infamous Hacking Team, numerous documents were leaked. Since then, analysts are busy going through them and new revelations are greeting us each day. In the same process, leaked documents have revealed that the Federal Bureau of Investigation (FBI) communicated with Hacking Team to unmask a target that used Tor.
According to a leaked email, in September 2014, an FBI agent who is part of an elite cyber crime unit, contacted Hacker Team. The agent asked if the latest version of company’s premier product Remote Control System (RCS), would be successful in revealing the identifying the IP address of a Tor-using target.
FBI Agent wrote:
These emails are now hosted on WikiLeaks and they reveal some more interesting conversations. The FBI agent wanted to make the user download a malicious file and thus infect his computer. He mentioned the possibility of installing the “scout” (part of Hacking Team’s spyware) with some document or pdf attachment.
In another email, the Hacking Team staff member mentioned that if the user is accessing the internet using Tor Browser Bundle, it’ll be easy to retrieve the IP address. Many of you would be knowing that there are other ways, more secure, to connect to the Tor network without the Tor Browser.
From these emails, it’s not clear who the target was, and what was the outcome of this conversation. Motherboard writes that it’s worth noticing that Hacking Team not only provides services to the governments and interested agencies, but a certain part was actively associated with providing advice to its customers.
FBI, when asked about this leak, said that FBI doesn’t comment on specific tools, but they regularly “identify, evaluates and tests potential exploits in the interest of cyber security.”
According to another email, the same agent mentioned that FBI was interested in more tools. It should be noted that Hacking Team has earned about $773,000 from the FBI since 2011.
With inputs from WikiLeaks