14 DAY TRIAL // The Hacking Team data leak has yielded more ground-breaking results, this time in the realm of Bitcoin lovers. Leaked internal emails revealed the presence of special software aimed at decrypting Bitcoin transactions, as reported by Ars Technica.
The software in question was called "Money Module" and it was part of the Hacking Team's Remote Control System suite, software which the Italian company was selling to governments and hacking groups around the world.
As you may know by now, the Hacking Team was hacked at the beginning of July this year, and over 400GB of information were leaked to the public.
When this data was made available online via WikiLeaks, security experts started researching its contents, and besides a slew of Flash vulnerabilities the company was exploiting, Ars Technica staff came across a series of emails detailing their approach to Bitcoin transactions.
The Bitcoin module was available in the wild for 18 months
This "Money Module" aimed at Bitcoin was introduced on January 12, 2014, and was developed in the Milan (Italy) branch of the company, "Let me anticipate the introduction of a new module, MONEY, currently under development and planned to be released with version 9.2 (early March)."
The email continued, "The module is able to collect various information: list of contacts and local accounts, wallet (i.e., the money) and the history of transactions."
The Money Module could be used on all desktop operating systems, and worked with BitCoin, LiteCoin, Feathercoin and Namecoin crypto-currencies.
The module worked together with a keylogging system
Hacking Team's Money Module operated by taking a victim's wallet.dat file, and together with the company's various keylogging systems, would provide the necessary authentication to decrypt and extract data.
Since the wallet.dat file contained information about the user's private keys, correlating this with public transactions, Hacking Team was able to decipher the two ends of a Bitcoin transaction.
The same leaked data also showed communications between the Hacking Team's management and the governments of Egypt and Saudi Arabia, but there is no evidence (yet) they have sealed a deal to acquire the module.