A hack on Italian surveillance firm Hacking Team late Sunday revealed active contracts between the company and the Egyptian Ministry of Defense that date back to 2011.
The unknown hacker uploaded a 400 GB file to a torrent, revealing contracts, invoices, source codes, and internal correspondence between the firm and tens of high-profile clients including the FBI, Sudan, and Egypt.
Selling an exploit portal to Egypt in 2012? Seems legit. pic.twitter.com/XuoqpfeiJC
— Christopher Soghoian (@csoghoian) July 6, 2015
Records show an invoice worth 58 thousand euros ($64,057) dating back to 2012 for a remote control system (RCS) called Exploit Portal licensed to a company called GNSE Group—an affiliate of Mansour Group.
The leaked documents also included spreadsheets that reportedly show the firm’s 2014 client overview and its 2015 forecast. These records show a maintenance transaction between the firm and GNSE Group worth 137 thousand euros ($151,335) that is dated April 17 2015, and expected revenues of around 412,500 euros ($455, 831).
Furthermore, the records reveal that in one of the transactions “Egypt MOD (Ministry of Defense)” is listed as the customer while GNSE Egypt is listed as the “Partner / Fulfillment Vehicle.”
من تسريبات هاكينج تيم: قائمة بالعملاء وتواريخ التجديد (مصر الصف المظلل) – القائمة بالكامل http://t.co/OMJ6LycYuN pic.twitter.com/V4mVRGmq8O
— Ramy Raoof (@RamyRaoof) July 6, 2015
Ramy Raoof, a digital rights and security researcher, told several local news outlets that it is not unusual for governments to utilize middlemen to sign contracts with surveillance agencies.
In January the European Parliament adopted a resolution on the situation in Egypt that contained an article calling for “an EU-wide ban on the export to Egypt of intrusion and surveillance technologies which could be used to spy on and repress citizens”.
The article also cited the Wassenaar Arrangement, an export controls agreement for conventional arms and dual-use technologies, that prohibits the export of security equipment that “could be used in the suppression of peaceful protest or against the EU’s strategic and security interests.”
University of Toronto-based research group Citizen Lab had reported in 2014 that it suspected Hacking Team of selling RCSs to Egypt “by studying instances of RCS that [they] have observed,” but had no proof till the leaks were made public.
According to Hacking Team’s website, their RCS “is a solution designed to evade encryption by means of an agent directly installed on the device to monitor” and will allow its users the ability to intercept text messages, social media use, and audio-visual applications.
A brochure for Exploit Portal says the program allows its users to utilize flaws in common software like web browsers and other applications Each exploit available was selected for its effectiveness against common application software, such as web browsers and office applications.