The group of former employees was accused of having played part in the hack after months of separate lawsuits against five of them. Two of them even received visits from the Italian intelligence—all ploys that seem to be a way to intimidate and punish them for having left the company.A Hacking Team former employee asked not to be named because Vincenzetti, "with his ongoing lawsuits, is at least a little bit effective in his terrorist tactics aimed at forcing people not to talk."Guido Landi, who worked as a developer at Hacking Team focusing on Windows, is one of the former employees that the company is going after. For him, Hacking Team is a "madhouse," led by a "fascist" who won't forgive anyone who dares to leave."Hacking Team shouldn't be a fucking religion that if you wanna leave you're an infidel or a traitor."
Hacking Team's former Android developer Alberto Pelliccione. Photo: Lorenzo Franceschi-Bicchierai/Motherboard
But the developers, as well as other employees, were taken aback, according to Pelliccione. They started asking questions, and debating whether the tools they were creating were being used to fight crime and terrorism, or quash dissent."That debate lit up internally on that day, and never subsided," Pelliccione tells me.The executives also decided to compartmentalize and separate the sales and field application engineers teams, who had the most visibility into the customers, from the developers—"a separation aimed at avoiding internal discontent," Pelliccione says.The compartmentalization became even physical. The developers were working on the ground floor of Via Moscova 13, Hacking Team's headquarters in Milan, while the management was placed on the first floor, and the sales and field application engineers, who travelled around the world demoing the products, worked on the fifth floor.At that point the employees had a harder time knowing what was going on, and how some of the tools were being used, or whom the company was selling to. But Citizen Lab researchers kept revealing more cases of abuse, and Pelliccione says there probably are many more that nobody will ever know about.Landi, who says he had little visibility into the customers, admits that he could have asked friends at the higher floors, but he decided not to, preferring not to know. Looking back, however, he says Hacking Team sold to countries it shouldn't have sold to."You shouldn't sell to Sudan. Period. Same goes for Ethiopia. And even in other less evil countries, there were abuses."
The company has also always claimed that it had no visibility into how the customers were using its products. But in reality, whenever a client wanted to infect a target with a booby-trapped document, it would send the document to Hacking Team's technicians, who were tasked with weaponizing it. While this didn't necessarily mean that the company knew whom the documents would be sent to, they could have an idea, depending on the content of the document.In 2013, Reporters Without Borders named Hacking Team one of the "Enemies of the Internet" for selling tools to repressive regimes. A year later, on February 12, 2014, Citizen Lab revealed that the Ethiopian government had used Hacking Team's spyware to hack into the computers of several journalists in the diaspora, in what activists saw as yet another clear attack on freedom of speech.For Pelliccione, that was the final straw. Two days later, he told his bosses that he wanted to resign. On Feb. 21, the company announced in an internal email that he was leaving to launch his own security company in Malta."I wish Alberto all the best," Hacking Team's Chief Operation Officer, Giancarlo Russo, wrote in the email, in which he described Pelliccione's decision as "bold and courageous."But Vincenzetti, the CEO, didn't take it that well."Alberto was one of the top guys," Vincenzetti wrote in an email sent only to other executives. "This has NEVER happened."Exhibit A: Italy's UN rep tells the UN John AdamsJuly 6, 2015
The CEO immediately doubted Pelliccione's real motives, wondering if he'd take other people with him to create a "spin-off" company or a "competitor." In the following weeks, another employee, a field applications engineer, left the company too. In an email discussing her departure, Vincenzetti talked about "serious cracks" in the company, and the risk of more "defections" that could end up "destroying" the company.In May, Vincenzetti shared more bad news, another "serious loss," this time it was Landi, another key developer."Guido [Landi] is the right arm of [Chief Technology Officer] Marco Valleri," Vincenzetti writes. "Without him, we can't guarantee the invisibility of our product."Vincenzetti added that he had involved Hacking Team's "highest contacts" with the Italian government to figure out where Landi was going. He was likely referring to two agents at the Italian secret service, the country's intelligence arm: Coronel Riccardo Russi, and General Antonello Vitale.When another key employee named Mostapha Maanna resigned a few days later, Vincenzetti started to see a "conspiracy," as Pelliccione puts it, and was worried the former employees wanted to compete with Hacking Team.In the following months, Vincenzetti launched a full on probe into their activities, according to leaked emails and documents. Russi played a fundamental role in it, personally meeting with Landi and Maanna, and even paying them a "visit," as he himself put it in an email, sent from his personal account in August of 2014."No matter how much you regulate these tools, you'll never effectively know how they could be used."
In the lawsuit Vincenzetti wrote that ReaQta's ability to block Hacking Team's RCS can only be due to the "subtraction of RCS source code from Hacking Team's systems." Vincenzetti accused Maanna and Landi of leaving Hacking Team with the purpose of helping Pelliccione commercialize ReaQta. The company also sued Velasco in the United States, as well as Woon in Singapore.The former employees deny all the accusations. Pelliccione tells me that the lawsuit is nonsense, given that ReaQta is a defensive product, while Hacking Team is an offensive tool. And it wouldn't make sense for him to market ReaQta as an antidote given that Hacking Team is used by a small number of customers for targeted surveillance. In other words, it wouldn't make business sense, he says.Hacking Team spokesperson Eric Rabe declined to comment on the lawsuits, saying these are "internal matters."Since going to court, the company has kept the pressure on the former employees. Last summer, before getting hacked, it hired private investigators to tail Maanna, according to leaked emails and reports from the detectives. In an email, a Hacking Team lawyer told the detectives that company was looking for "evidence" of Maanna's "participation in an Islamic group." The detectives' report, however, is nothing but mundane, as they didn't find any evidence of affiliation with any groups, but just witnessed Maanna go play tennis and to the grocery store."These accusations are just an act of retaliation."
A picture of Mostapha Maanna, another former employee of Hacking Team, taken by detectives hired by the company to tail him.
Hacking Team's official twitter account on the day of PhineasFisher's attack.
