Did Hacking Team design software that could plant child porn on suspects' PCs?

Hacking Team code uploaded to Github references 'child porn evidence fabrication tools'

Code uncovered and pasted to Github following the devastating attack on Hacking Team, the security software company that sells surveillance tools to governments and security agencies around the world, suggests that it built and sold a "child porn fabrication tool", or may have been intending to.

The tool could have been used in conjunction with the Trojan horse or malware the company also sold to plant false evidence on target machines that would have been used to blackmail, smear or even as justification for arrest.

The evidence was contained in code uploaded to Github on Monday, although it has since been taken down. Indeed, at this stage, it is unclear whether such software genuinely exists or whether the lines of code invoking it is a hoax, or simply unused code or a module the company has not yet developed.

Some experts have warned that the code extract was taken out of context and false.

Nevertheless, further evidence is expected to emerge about the company's activities as more people examine the source code that was released when hackers cracked the company's security and downloaded almost all Hacking Team's data - source code, emails, invoices, even web browser viewing histories of staff.

More news

Further revelations that have come out today also indicate that Hacking Team uses websites that don't force HTTPS - encrypted connections - to inject browser exploits on target PCs. Once a PC has been compromised, the company's software is able to install the advanced persistent threat on the target's hard drive and BIOS.

Late on Monday, Hacking Team notified customers by email to discontinue using all of the company's Remote Control System software, also called Galileo, while sources have admitted that the attackers downloaded the majority of the firm's digital property - "pretty much everything", according to one source.

The source went on to suggest that they accessed the corporate network after breaking into the computers of the company's two systems administrators, according to the Motherboard website, which conveyed access to the whole network.

"I did not expect a breach to be this big, but I'm not surprised they got hacked because they don't take security seriously," claimed the Motherboard source. "You can see in the files how much they royally fucked up."

For example, not one single piece of sensitive information was encrypted, not even passwords, employee passports or customer lists were encrypted - and nobody noticed 400GB of data being extracted from the corporate network.

UPDATE: This story has been updated as new information comes in. Further analysis of the highlighted code indicates that the reference to "evidence fabrication tools" was out of context and false.