October 12, 2021

How did Hacking Team achieve complete invisibility?

On [a slideshow](https://wikileaks.org/spyfiles/document/hackingteam/31_remote-control-system-v5-1/31_remote-control-system-v5-1.pdf) from Hacking Team, they state that their Remote Control System could monitor or log any action performed, with complete invisibility leaving no traces such as new files, file modification, new processes etc.

Here are screenshots from the slides of [functionality](https://i.imgur.com/jeI17RJ.png) and [invisibility](https://i.imgur.com/8ndmh0V.png).

How did they manage that? How could they bug a system and leave the bug invisible?



The saying “PoC or GTFO” (“prove it or get out”) has a lot of traction in this field for excellent reason. It’s funny seeing it in Hacking Team presentation, but not surprising since neither HT nor their clients would exactly be signing up for external auditors to verify their claim.

Some of their claims are pretty normal – AV bypass, sure. Existing files aren’t modified and new files aren’t created (*after* installation), also sure – it operates in memory. *No* network connections are used for a RAT? Color me skeptical.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: By filling this form and submitting your commen, you acknowledge, agree and comply with our terms of service. In addition you acknowledge that you are willingly sharing your email address with AiOWikis and you might receive notification emails from AiOWikis for comment notifications. AiOWiksi guarantees that your email address WILL NOT be used for advertisement or email marketting purposes.

This site uses Akismet to reduce spam. Learn how your comment data is processed.