<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="zh">
	<id>https://arolstar52-zhtest.hf.space/index.php?action=history&amp;feed=atom&amp;title=Hacking_Team</id>
	<title>Hacking Team - 版本历史</title>
	<link rel="self" type="application/atom+xml" href="https://arolstar52-zhtest.hf.space/index.php?action=history&amp;feed=atom&amp;title=Hacking_Team"/>
	<link rel="alternate" type="text/html" href="https://arolstar52-zhtest.hf.space/index.php?title=Hacking_Team&amp;action=history"/>
	<updated>2026-07-02T12:45:13Z</updated>
	<subtitle>在这个wiki上该页的修订历史</subtitle>
	<generator>MediaWiki 1.43.8</generator>
	<entry>
		<id>https://arolstar52-zhtest.hf.space/index.php?title=Hacking_Team&amp;diff=2590646&amp;oldid=prev</id>
		<title>imported&gt;Easterlies：​/* 外部連結 */ 增加或调整分类</title>
		<link rel="alternate" type="text/html" href="https://arolstar52-zhtest.hf.space/index.php?title=Hacking_Team&amp;diff=2590646&amp;oldid=prev"/>
		<updated>2025-03-13T11:56:33Z</updated>

		<summary type="html">&lt;p&gt;&lt;span class=&quot;autocomment&quot;&gt;外部連結：​&lt;/span&gt; 增加或调整分类&lt;/p&gt;
&lt;p&gt;&lt;b&gt;新页面&lt;/b&gt;&lt;/p&gt;&lt;div&gt;{{NoteTA|G1=IT}}&lt;br /&gt;
[[File:Hacking Team logo.svg|thumb|公司标志]]&lt;br /&gt;
&amp;#039;&amp;#039;&amp;#039;Hacking Team&amp;#039;&amp;#039;&amp;#039;是一家總部在[[意大利]][[米蘭|米兰]]的[[信息技术]]公司。该公司向政府部门及执法机构有偿提供电脑入侵及监视服务，允许政府监听网民的通信、解码加密文件、记录[[Skype]]等网络电话通信、远程开启麦克风和摄像头。&amp;lt;ref&amp;gt;{{cite web|title = Enemies of the Internet: Hacking Team|url = http://surveillance.rsf.org/en/hacking-team/|work = [[Reporters Without Borders]]|accessdate = 24 April 2014|archive-date = 2014-04-29|archive-url = https://web.archive.org/web/20140429193708/http://surveillance.rsf.org/en/hacking-team/|dead-url = no}}&amp;lt;/ref&amp;gt;该公司也因提供这些服务给不重视人权的一些政府而遭到批评。&amp;lt;ref&amp;gt;{{cite web|last3 = Marquis-Boire|first3 = Morgan|last1 = Marczak|first1 = Bill|last2 = Gaurnieri|first2 = Claudio|last4 = Scott-Railton|first4 = John|title = Mapping Hacking Team&amp;#039;s &amp;quot;Untraceable&amp;quot; Spyware|url = https://citizenlab.org/2014/02/mapping-hacking-teams-untraceable-spyware/|date = February 17, 2014|accessdate = 2015-07-12|archive-date = 2014-02-20|archive-url = https://web.archive.org/web/20140220070424/https://citizenlab.org/2014/02/mapping-hacking-teams-untraceable-spyware/|dead-url = no}}&amp;lt;/ref&amp;gt;  Hacking Team声称如果政府利用它们的软件做出不道德行为，公司有能力禁用软件。&amp;lt;ref&amp;gt;{{cite news|url = http://www.newyorker.com/online/blogs/elements/2014/03/hacked-by-ones-own-government.html|title = Hackers Without Borders|last = Kopstein|first = Joshua|work = [[The New Yorker]]|date = 10 March 2014|accessdate = 24 April 2014|archive-date = 2014-07-05|archive-url = https://web.archive.org/web/20140705051138/http://www.newyorker.com/online/blogs/elements/2014/03/hacked-by-ones-own-government.html|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
2014年6月，多伦多大学的一项报告详细分析了Hacking Team的远程控制系统的功能、架构和技术。&amp;lt;ref&amp;gt;{{Cite web|url = https://citizenlab.org/2014/06/backdoor-hacking-teams-tradecraft-android-implant/|title = Police Story: Hacking Team’s Government Surveillance Malware|date = June 24, 2014|accessdate = August 3, 2014|website = Citizen Lab|publisher = University of Toronto|last1 = Marquis-Boire|first1 = Morgan|last2 = Gaurnieri|first2 = Claudio|first3 = John|last3 = Scott-Railton|first4 = Katie|last4 = Kleemola|archive-date = 2014-06-25|archive-url = https://web.archive.org/web/20140625065101/https://citizenlab.org/2014/06/backdoor-hacking-teams-tradecraft-android-implant/|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
Hacking Team位于意大利的公司有大约40名雇员，并在[[安那波利斯|安纳波利斯]]和[[新加坡]]设有分公司。该公司的产品客户遍布六大洲的许多国家。&amp;lt;ref&amp;gt;{{cite web|last = Jeffries|first = Adrianne|title = Meet Hacking Team, the company that helps the police hack you|url = http://www.theverge.com/2013/9/13/4723610/meet-hacking-team-the-company-that-helps-police-hack-into-computers|accessdate = 21 April 2014|work = [[The Verge]]|date = 13 September 2013|archive-date = 2015-07-10|archive-url = https://web.archive.org/web/20150710041456/http://www.theverge.com/2013/9/13/4723610/meet-hacking-team-the-company-that-helps-police-hack-into-computers|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 公司历史 ==&lt;br /&gt;
Hacking Team由Alberto Ornaghi和Marco Valleri两位意大利程序员创立。在公司正式成立前，Ornaghi和Valleri编写过一些用于监视和控制远程电脑的工具。一款名为{{link-en|Ettercap|Ettercap (software)}}的程序受到黑客和一些公司的欢迎，前者希望通过该程序监视人群，后者则希望测试公司内部网络是否安全。&amp;lt;ref&amp;gt;{{cite news |title=Reacting to Public Ire, Coinbase Drops Neutrino Execs With Hacking Team Ties |url=https://sports.yahoo.com/reacting-public-ire-coinbase-drops-160900874.html |accessdate=2021-10-22 |work=sports.yahoo.com |archive-date=2021-10-22 |archive-url=https://web.archive.org/web/20211022060804/https://sports.yahoo.com/reacting-public-ire-coinbase-drops-160900874.html |dead-url=no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
米兰警方获悉这一工具後，希望用Ettercap来监控意大利公民、监听大众的[[Skype]]通话，于是与Ornaghi和Valleri取得联系，希望他们能量身定做程序，Hacking Team就此成為「第一家向警方销售商业黑客软件的公司」。&amp;lt;ref&amp;gt;{{cite web|last = Jeffries|first = Adrianne|title = Meet Hacking Team, the company that helps the police hack you|url = http://www.theverge.com/2013/9/13/4723610/meet-hacking-team-the-company-that-helps-police-hack-into-computers|accessdate = 21 April 2014|work = [[The Verge]]|date = 13 September 2013}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
=== 2015年入侵泄露事件 ===&lt;br /&gt;
2015年7月5日，该公司的[[Twitter]]帐号遭到不明人士入侵，入侵者发布了一条关于Hacking Team[[数据泄露]]的通告。首条通告写道：「反正[[无所隐瞒论|我们也没什么东西好藏]]，那就把我们的电子邮件、文件、源代码都发布出来…」，并附有400[[吉字节|GB]]数据的[[BitTorrent (协议)|BitTorrent]]和[[Mega]]下载链接，其中包含入侵者所称的内部电子邮件、发票和[[源代码]]。&amp;lt;ref&amp;gt;{{cite web |url=https://twitter.com/hackingteam |title=Hacked Team (@hackingteam) |accessdate=2015-07-06 |deadurl=no |archiveurl=https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam |archivedate=2015-07-06}}Wayback Machine&amp;amp;#x20;&amp;lt;span&amp;gt;(archived July 6, 2015)&amp;lt;/ref&amp;gt;此通告随后被[[維基解密|维基解密]]和众多网友转发。&amp;lt;ref&amp;gt;{{Twitter status|wikileaks|617865712611233792|Inside malware makers &amp;quot;Hacking Team&amp;quot;: hundreds of gigabytes of e-mails, files, and source code|[[WikiLeaks]]|July 6, 2015|July 6, 2015}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{Cite web|title = Hacking Team hacked: Spy tools sold to oppressive regimes Sudan, Bahrain and Kazakhstan|url = http://www.ibtimes.co.uk/hacking-team-hacked-spy-tools-sold-oppressive-regimes-sudan-bahrain-kazakhstan-1509460|accessdate = 2015-07-06|archive-date = 2015-07-06|archive-url = https://web.archive.org/web/20150706132059/http://www.ibtimes.co.uk/hacking-team-hacked-spy-tools-sold-oppressive-regimes-sudan-bahrain-kazakhstan-1509460|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
泄露的内容十分庞大，初步分析显示Hacking Team曾向{{link-en|黎巴嫩军|Lebanese Army}}&amp;lt;ref&amp;gt;{{Dead link}}https://twitter.com/SynAckPwn/status/617955067006578689 {{Wayback|url=https://twitter.com/SynAckPwn/status/617955067006578689 |date=20160404074128}}&amp;lt;/ref&amp;gt;以及[[苏丹共和国|苏丹]]开具发票，[[巴林]]和[[哈萨克斯坦]]同样购买过监视工具。&amp;lt;ref&amp;gt;{{Cite web|title = Hacking Team hacked: Spy tools sold to oppressive regimes Sudan, Bahrain and Kazakhstan|url = http://www.ibtimes.co.uk/hacking-team-hacked-spy-tools-sold-oppressive-regimes-sudan-bahrain-kazakhstan-1509460|accessdate = 2015-07-06}}&amp;lt;/ref&amp;gt;而Hacking Team事發前曾声明他们从未与苏丹进行交易。&amp;lt;ref&amp;gt;{{Cite web|title = Hacking Team hacked, attackers claim 400GB in dumped data|url = http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html|accessdate = 2015-07-06|first = Steve|last = Ragan|archive-date = 2015-07-06|archive-url = https://web.archive.org/web/20150706025416/http://www.csoonline.com/article/2943968/data-breach/hacking-team-hacked-attackers-claim-400gb-in-dumped-data.html|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
泄露的数据中包含一个跨平台的Flash[[零日攻击|零日漏洞]]（[[CVE编号]]为CVE-2015-5119）。&amp;lt;ref&amp;gt;{{Cite web|title = Adobe Security Bulletin|url = https://helpx.adobe.com/security/products/flash-player/apsa15-03.html|accessdate = 2015-07-12|archive-date = 2015-07-09|archive-url = https://web.archive.org/web/20150709065838/https://helpx.adobe.com/security/products/flash-player/apsa15-03.html|dead-url = no}}&amp;lt;/ref&amp;gt;文件中有一个演示网页能利用此漏洞打开计算器。&amp;lt;ref&amp;gt;{{Cite web|title = Zero-Day Flash Player Exploit Disclosed In &amp;#039;Hacking Team&amp;#039; Data Dump|url = http://thehackernews.com/2015/07/flash-zero-day-vulnerability.html|accessdate = 2015-07-06|first = Swati|last = Khandelwal|archive-date = 2015-07-08|archive-url = https://web.archive.org/web/20150708172026/http://thehackernews.com/2015/07/flash-zero-day-vulnerability.html|dead-url = no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{Cite web|title = Unpatched Flash Player Flaw, More POCs Found in Hacking Team Leak|url = http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/|accessdate = 2015-07-08|first = Peter|last = Pi|archive-date = 2015-07-10|archive-url = https://web.archive.org/web/20150710021613/http://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/|dead-url = no}}&amp;lt;/ref&amp;gt;Adobe于2015年7月8日[[修補程式|修复]]了该漏洞。&amp;lt;ref&amp;gt;{{Cite web|title = Adobe Security Bulletin|url = https://helpx.adobe.com/security/products/flash-player/apsb15-16.html|accessdate = 2015-07-11|last = Adobe Systems (corporate author)|archive-date = 2015-07-10|archive-url = https://web.archive.org/web/20150710204543/https://helpx.adobe.com/security/products/flash-player/apsb15-16.html|dead-url = no}}&amp;lt;/ref&amp;gt;除此之外，泄露的数据中还有一个[[缓冲区溢出]]漏洞，可攻击Adobe Open Type管理器的[[动态链接库|DLL]]。因为该DLL运行于[[分级保护域|内核模式]]，所以此漏洞可以[[权限提升|提升权限]]、绕过[[沙盒 (電腦安全)|沙盒]]。&amp;lt;ref&amp;gt;{{Cite web|title = A Look at the Open Type Font Manager Vulnerability from the Hacking Team Leak|url = http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/?utm_source=feedburner&amp;amp;utm_medium=feed&amp;amp;utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29|accessdate = 2015-07-08|first = Jack|last = Tang|archive-date = 2015-07-17|archive-url = https://web.archive.org/web/20150717153249/http://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/?utm_source=feedburner&amp;amp;utm_medium=feed&amp;amp;utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
泄露数据还显示Hacking Team的雇员使用的密码十分脆弱，如P4ssword、wolverine、universo等。&amp;lt;ref&amp;gt;{{Cite web|title = Hacking Team used shockingly bad passwords|url = http://www.zdnet.com/article/no-wonder-hacking-team-got-hacked/|accessdate = 2015-07-06|first = Zack|last = Whittaker|archive-date = 2015-07-08|archive-url = https://web.archive.org/web/20150708071714/http://www.zdnet.com/article/no-wonder-hacking-team-got-hacked/|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
==與Hacking Team有來往的國家政權及地方政府==&lt;br /&gt;
&lt;br /&gt;
除了巴林、哈薩克斯坦、黎巴嫩军和蘇丹共和國，據[[維基解密]]於2015年揭發的文件及[[電郵]]顯示，該公司亦曾向[[利比亞]]、[[摩洛哥]]、[[蘇丹]]、[[沙地阿拉伯]]、[[埃及]]和[[埃塞俄比亞]]的安全機構提供入侵式黑客軟件。相關文件亦顯示，專門負責刑事調查的[[澳門司法警察局]]曾於2012年從Hacking Team洽購手機監控系統，又在同年10月安排Hacking Team到警署示範黑客軟件，[[香港廉政公署]]的一名調查主任在2014年聯繫了Hacking Team&amp;lt;ref&amp;gt;{{cite news |title=台湾及香港的执法机构联系Hacking Team组织详情曝光 {{!}} CN-SEC 中文网 |url=http://cn-sec.com/archives/352143.html |accessdate=2021-10-22 |work=cn-sec.com |archive-date=2021-10-26 |archive-url=https://web.archive.org/web/20211026011659/http://cn-sec.com/archives/352143.html |dead-url=no}}&amp;lt;/ref&amp;gt;，對該公司的伽利略遠程控制工具表達了興趣，要求演示&amp;lt;ref&amp;gt;{{cite news |title=维基解密：港廉署主任曾联络黑客公司约看监控系统 |url=https://world.huanqiu.com/article/9CaKrnJNqud |accessdate=2021-10-22 |work=环球网 |archive-date=2021-10-22 |archive-url=https://web.archive.org/web/20211022061156/https://world.huanqiu.com/article/9CaKrnJNqud |dead-url=no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{cite news |title=維基解密：澳門司警疑向黑客公司　洽購手機監控系統 |url=https://thestandnews.com/%E6%BE%B3%E9%96%80/%E7%B6%AD%E5%9F%BA%E8%A7%A3%E5%AF%86-%E6%BE%B3%E9%96%80%E5%8F%B8%E8%AD%A6%E7%96%91%E5%90%91%E9%BB%91%E5%AE%A2%E5%85%AC%E5%8F%B8-%E6%B4%BD%E8%B3%BC%E6%89%8B%E6%A9%9F%E7%9B%A3%E6%8E%A7%E7%B3%BB%E7%B5%B1/ |agency=立場新聞 |date=2015-07-16 |accessdate=2018-11-05 |archive-date=2018-10-20 |archive-url=https://web.archive.org/web/20181020145538/https://thestandnews.com/%E6%BE%B3%E9%96%80/%E7%B6%AD%E5%9F%BA%E8%A7%A3%E5%AF%86-%E6%BE%B3%E9%96%80%E5%8F%B8%E8%AD%A6%E7%96%91%E5%90%91%E9%BB%91%E5%AE%A2%E5%85%AC%E5%8F%B8-%E6%B4%BD%E8%B3%BC%E6%89%8B%E6%A9%9F%E7%9B%A3%E6%8E%A7%E7%B3%BB%E7%B5%B1/ |dead-url=no}}&amp;lt;/ref&amp;gt;。&lt;br /&gt;
&lt;br /&gt;
==能力==&lt;br /&gt;
Hacking Team使客户可以对公民进行远程监控，通过他们的远程控制系统（RCS），包括Da Vinci：&lt;br /&gt;
&lt;br /&gt;
*隐蔽地收集手机的电子邮件、短信、通话记录和电话本&lt;br /&gt;
*[[按键记录]]&lt;br /&gt;
*记录搜索记录数据和屏幕截图&lt;br /&gt;
*对通话进行录音&lt;br /&gt;
*使用手机收集环境噪音和对话&lt;br /&gt;
*激活手机或电脑的摄像头&lt;br /&gt;
*劫持手机的GPS系统以监控目标的移动&lt;br /&gt;
&lt;br /&gt;
Hacking Team使用高级技术来避免手机电量下降过快，防止人产生怀疑，并使用其它方法避免检测。&amp;lt;ref&amp;gt;{{cite news|last1=Schneier|first1=Bruce|title=More on Hacking Team&amp;#039;s Government Spying Software|url=https://www.schneier.com/blog/archives/2014/06/more_on_hacking.html|accessdate=2015-07-15|archive-date=2015-07-06|archive-url=https://web.archive.org/web/20150706142043/https://www.schneier.com/blog/archives/2014/06/more_on_hacking.html|dead-url=no}}&amp;lt;/ref&amp;gt;&amp;lt;ref&amp;gt;{{Cite web|title = Hacking Team Tools Allow Governments To Take Full Control of Your Smartphone|url = http://www.ibtimes.co.uk/hacking-team-tools-allow-governments-take-full-control-your-smartphone-1453987|accessdate = 2015-07-06|archive-date = 2015-07-06|archive-url = https://web.archive.org/web/20150706094939/http://www.ibtimes.co.uk/hacking-team-tools-allow-governments-take-full-control-your-smartphone-1453987|dead-url = no}}&amp;lt;/ref&amp;gt;&lt;br /&gt;
&lt;br /&gt;
== 参考来源 ==&lt;br /&gt;
{{reflist|1=2}}&lt;br /&gt;
&lt;br /&gt;
== 外部链接 ==&lt;br /&gt;
* {{Official| http://www.hackingteam.it/}}&lt;br /&gt;
* [https://citizenlab.org/tag/hacking-team/ Hacking Team Archives]{{Wayback|url=https://citizenlab.org/tag/hacking-team/ |date=20150711203518 }} - [[Citizen Lab]]发表的调查报告。&lt;br /&gt;
&lt;br /&gt;
{{Hacking}}&lt;br /&gt;
&lt;br /&gt;
[[Category:安全软件]]&lt;br /&gt;
[[Category:間諜軟件]]&lt;br /&gt;
[[Category:监视]]&lt;br /&gt;
[[Category:间谍技术]]&lt;br /&gt;
[[Category:间谍设备]]&lt;br /&gt;
[[Category:计算机访问控制]]&lt;br /&gt;
[[Category:網絡戰]]&lt;br /&gt;
[[Category:谍报丑闻]]&lt;br /&gt;
[[Category:米兰公司]]&lt;/div&gt;</summary>
		<author><name>imported&gt;Easterlies</name></author>
	</entry>
</feed>