Source:
Think ProgressChamberLeaks: Plan Solicited By Chamber Lawyers Included Malware Hacking Of Activist ......................
In addition to the Team Themis plans that ThinkProgress and other outlets have reported on, a closer look at the proposals show that the firms had planned to use exploits to steal information from the Chamber’s opponents, or worse. On November 2, HB Gary Federal executive Aaron Barr sent John Woods, a lawyer at Hunton and Williams representing the Chamber, two documents discussing tactics for assisting the Chamber (view the e-mail here). One presentation (click here to download) boasted of HBGary Federal’s capabilities in “Information Operations,” a military contractor term for offensive data extraction techniques typically reserved for use against terrorist groups. The slide includes sections on “Vulnerability Research/Exploit Development” and “Malware Analysis and Reverse Engineering.” View a screenshot below:
HBGary, the parent company of HBGary Federal, specializes in analyzing “malware,” computer viruses that are used to maliciously steal data from computers or networks. In other presentations, Barr makes clear that his expertise in “Information Operations” covers forms of hacking like a “computer network attack,” “custom malware development,” and “persistent software implants.” The presentation shows Barr boasting that he had knowledge of using “zero day” attacks to exploit vulnerabilities in Flash, Java, Windows 2000 and other programs to steal data from a target’s computer.
Indeed, malware hacking appears to be a key service sold by HBGary Federal. Describing a “spear phishing” strategy (an illegal form of hacking), Barr advised his colleague Greg Hoglund that “We should have a capability to do this to our adversaries.” In another e-mail chain, HB Gary Federal executives discuss using a fake “patriotic video of our soldiers overseas” to induce military officials to open malicious data extraction viruses. In September, HGGary executives again contemplate their success of a dummy “evite” e-mail used to maliciously hack target computers.
Read more:
http://thinkprogress.org/2011/02/17/chamberleaks-malware-hacking/