Hacking Team vows to continue with new spyware

Government spyware vendor Hacking Team is defiant that it will not only recover from the data breach that saw close to 400 gigabytes of its corporate data including source code leaked online, but also intends to release an updated version of its Remote Control System surveillance software.

Hacking Team spokesman Eric Rabe told iTnews that work on a new version of its Remote Control System software is currently underway.

"Of course, we are working to restore the capabilities that our clients need to track criminals and terrorists.  

"We expect to be able to offer them an upgrade that will restore that ability to them shortly.  

"Obviously, a lot of work will be required, but everyone here is 100 percent committed to accomplishing this task as rapidly as possible," Rabe said.

Rabe would not say if Hacking Team would compensate existing customers as the compromise meant their current malware were potentially rendered useless, but claimed there exists an understanding around what had occurred.

"Our customers understand that what has happened here is a criminal attack by parties so irresponsible that they released this powerful software to anyone who has the technical ability to use it," Rabe said.

He claimed that Italian police and law enforcement elsewhere are investigating the hack.

A media statement sent to Ars Technica, attributed to Hacking Team chief executive David Vincenzetti, claimed the new version 10 of the company's Remote Control System will be a ground up replacement for the existing product, and nost just an update.

The company also said that important elements of its spyware source code were not compromised in the attack and remain undisclosed and protected.

Several of the exploits used by Hacking Team to plant its malware on targets' computers were leaked in the hack on the company however, and are now being patched by vendors.

Adobe advised over the weekend that it had issued patches for two critical vulnerabilities (CVE-2015-5122 and CVE-2015-5123) in its Flash media player for Windows, Apple OS X and Linux.

The two vulnerabilities were found in the Hacking Team data dump by FireEye and TrendMicro security researchers, and follows the discovery of an earlier flaw also used by the Italian spyware vendor, which Adobe has already issued a patch for.