Italian spyware vendor Hacking Team’s internal data was hacked and released this week, leaking research and information on how its bitcoin spyware called “Money Module,” which was used to spy on protesters and political dissidents works.
The Italian spyware vendor has been selling the software that surveils computers or smartphones to a range of clients, including international law enforcement agencies. The software was launched in January 2014, and has been used to track down transactions of cryptocurrencies such as bitcoin, litecoin, feathercoin and namecoin.
The software targets one key file in a bitcoin wallet called wallet.dat, which contains a set of private keys needed to settle a transaction on the blockchain. Once the software gets hold of the keys, it acquires the entire transaction history.
“It is straightforward to grab the wallet.dat and related files and for malcode to get the password for this file when the user accesses their bitcoins,” Nicholas Weaver, a researcher at the International Computer Science Institute in Berkeley, California, told ArsTechnica. “Similarly, one can also search for Bitcoin-related keywords in e-mail messages and other content on their computer. And once you have a copy of the wallet.dat file, you have the