Leaked emails provide some insight into why the FBI has been buying from Hacking Team.
Documents leaked as part of the massive breach of Hacking Team have revealed that the Federal Bureau of Investigation (FBI) bought spying software from the controversial Italian surveillance-software company.
Internal emails also included in the leak give some insight into what at least one FBI agent wanted to do with those tools: target a user of the anonymity network Tor.
In September 2014, an FBI agent who according to one email is part of an "elite" cybercrime unit, asked Hacking Team if the latest version of Remote Control System (RCS), the company's premiere product, would be able to reveal the identifying IP address of a target using Tor.
The agent had the idea of making the target download a malicious file in order to infect his or her computer. "We will need to send him an email with a document or pdf attachement [sic] to hopefully install the scout," the agent wrote. Here, "scout" refers to a part of Hacking Team's software.
A Hacking Team staff member wrote that, once infected, "if he is using TBB [Tor Browser Bundle] you will get the real ip address of the target." It's possible to connect to the Tor network without the Tor Browser: perhaps the target used a proxy, or a dedicated operating system like Tails.
It's impossible to tell who the target was, based on these emails, or whether the agent managed to obtain their IP address.The FBI agent who sent the inquiries to Hacking Team did not reply to Motherboard's request for comment. An FBI spokesperson previously told this reporter that the agency "does not comment on specific tools or techniques utilized in criminal investigations," but that it's normal for the FBI to test "exploits" in the interest of cybersecurity, as well as keep up with new technologies that could "defeat traditional law enforcement techniques."
It's worth remembering that Hacking Team not only sold its surveillance software to clients: a key part of the company's business was to provide advice to its customers.
"This can take the form of an 'Infection Vectors Assessment' service," Richard Tynan, a technologist from Privacy International, said in an encrypted chat. "This can be used to determine the most efficient way to gain access to the information sought by the customer."
The emails suggest that this FBI agent took full advantage of this service.
According to other emails, the same FBI agent said that the agency was interested in sourcing more tools that could be used to identify users of Tor, and that 60 percent of their targets are now using Tor. In all, the FBI has spent around $775,000 on Hacking Team's products since 2011, although emails indicate that they were used as a "back up" for a system that the agency is already using.
"RCS is not designed to target Tor users or do mass surveillance of any kind," Eric Rabe, Hacking Team's spokesperson told Motherboard in an email. "The system is designed to follow individual criminals and surveil their personal communications on phones, portable devices and computers."
Asked about the emails, Kate Krauss, a spokesperson for the Tor Project, said that "it is unsurprising that some of our two million users per day are being investigated—and that people who need privacy use the strongest possible software to ensure it."