Fallout From Hacking Team: Adobe Exploit Patched
There were two very interesting things to come out of this week’s Hacking Team breach. One was the list of clients the company had been contracting with, which included some private companies as well as repressive governments.
Another interesting thing that is gradually being unearthed is the existence of some unpatched vulnerabilities in major software distributions that the company had disclosed. Of these, there was a major one at Adobe, which was forced to patch a bug quickly in Flash.
The bug was outlined in some of the 400GB trove of files that hacker Phineas retrieved in his attack on the Italian company Hacking Team’s servers. The security research firm gave whoever needed it detailed information on how the bug could be escalated into full control of the affected system.
Also read: Italian Hacking Team Hacked
Hacking Team has since claimed that they know how the weekend breach of their systems was executed but have yet to release any more details than that. The company’s already embattled reputation may be at stake now that it is revealed to clients such as the United States that it has done business with repressive regimes such as the Sudan. This could be a non-starter for some clients. There has also been revealed evidence that the company contracts to other private companies, rather than just to governments and law enforcement, as it has previously stated.
It is likely that other previously undisclosed vulnerabilities will be noticed in the data dump from Hacking Team, and many of them may still be quite useful in the right hands.