Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Government Spyware Vendor Left Customer, Victim Data Online for Everyone to See

From: InfoSec News <alerts () infosecnews org>
Date: Thu, 25 Oct 2018 06:54:34 +0000 (UTC)
https://motherboard.vice.com/en_us/article/vbka8b/wolf-intelligence-leak-customer-victim-data-online

By Lorenzo Franceschi-Bicchierai
Motherboard.vice.com
Oct 24 2018
A startup that claims to sell surveillance and hacking technologies to governments around the world left nearly all its data -- including information taken from infected targets and victims -- exposed online, according to a security firm who found the data.
Wolf Intelligence, a Germany-based spyware company that made headlines for sending a bodyguard to Mauritania and prompting an international incident after the local government detained the bodyguard as collateral for a deal went wrong, left a trove of its own data exposed online. The leak exposed 20 gigabytes of data, including recordings of meetings with customers, a scan of a passport belonging to the company's founder, scans of the founder's credit cards, and surveillance targets' data, according to researchers.
Security researchers from CSIS Security discovered the data on an unprotected command and control server and a public Google Drive folder. The researchers showed screenshots of the leaked data during a talk at the Virus Bulletin conference in Montreal, which Motherboard attended.
"This is a very stupid story in the sense that you would think that a company actually selling surveillance tools like this would know more about operational security," CSIS co-founder Peter Kruse told Motherboard in an interview. "They exposed themselves -- literally everything was available publicly on the internet."
In an online chat, Wolf Intelligence founder Manish Kumar told me that it wasn’t his company that left the data online, but a reseller he refused to identify. He also said that he plans to sue CSIS for hacking his reseller; CSIS is adamant that it did not hack anything, as everything was exposed and open to anyone 

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: