From Iceland — Reykjavík Police Sought Spyware From Hacking Team

Reykjavík Police Sought Spyware From Hacking Team

Published July 9, 2015

Haukur Már Helgason
Photo by
HMH

Hacking Team e-mails reveal that an Icelandic detective from the Reykjavík Metropolitan Police sought their help for hacking mobile phone communications, declaring an interest in obtaining spyware to monitor digital communications.

The hacking of Italian “lawful intercept” provider Hacking Team – notorious, among other things, for assisting governments with shady human rights records – has made global news, with some 415GB of data from their emails now available on Wikileaks. While people the world over are still combing over the wealth of material therein, some of the data contained hits close to home.

Among the leaked documents is email communication between the company’s “key account manager” Massimiliano Luppi, and Icelandic detective inspector Ragnar H. Ragnarsson.

The communication between the two starts when the company notifies the officer about their participation in an upcoming “telestrategies” business expo in Prague, 2011, to introduce software branded as Remote Control System (RCS), “designed to attack, infect and monitor target PCs and smart-phones in a stealth way.”

The notification goes on to list supported platforms, including version of Windows, MacOS, iOS, Symbian, Blackberry and Android. “Once a target is infected”, it then explains, “RCS allows access to a variety of information”, listing Skype communication, MSN, keystrokes, files, screenshots, “microphone eavesdropped data, camera snapshots, etc.” According to the account manager, “invisibility features include full resistance to all the major and most common endpoint protection systems”, in effect promising that virus detection software will not notify users that their communication tools have been compromised.

Months later, and after the Prague expo, Ragnar responds, addressing the manager on a first name basis, asking for “more info on your Smart phone stealth solutions?” An initial reply does not seem to satisfy his need for information, so the inspector repeats and further specifies his request: “I am looking for more in depth information, especially regarding the mobile solutions, prices etc. Is the mobile system capable of capturing voip communication?”

To this, Mr. Luppi responds that the requested feature is “not supported yet”. In light of “a request for such particular aspect however”, he offers an “in depth evaluation of how much time it would take to have this aspect covered”. To facilitate further communication, he then asks Ragnar for his PGP key, to, ironically, encrypt their messages. The leak does not include any messages after the two presumably exchanged their encryption keys.

The Grapevine contacted Ragnar on the matter, who – after asking how we got his number – declined to comment on the topic.

Support The Reykjavík Grapevine!
Buy subscriptions, t-shirts and more from our shop right here!

Show Me More!