The recent hacking incident on Italian spyware vendor Hacking Team revealed that the group has been able to track bitcoin wallet transactions through its Money Module. Among the files released in the leak earlier this month are reports and emails showing how the module worked.
Last year, Hacking Team already mentioned that they’re working on a feature that could expose transactions related to bitcoin and other cryptocurrencies. Documents have shown that this feature can also expose transactions using litecoin, feathercoin, and namecoin.
Bitcoin Wallet Secrecy
Bitcoin wallets are usually kept secret using public and private keys. However, the Money Module is able to access the wallet.dat file, which contains crucial information pertaining to these user keys.
According to a researcher at the International Computer Science Institute in Berkeley, California, this feature shouldn’t be surprising since it is easy to access the wallet.dat file. He also added that it is straightforward to grab other related files and install malware in order to get passwords and other important bitcoin wallet information.
In addition, the leaked files following the hacking incident on the spyware company also showed a few interested parties when it comes to bitcoin wallet tracking. In particular, Egyptian and Saudi Arabia authorities are keen to get their hands on this feature, as both the Egyptian Ministry of Defense and the Saudi Ministry of the Interior e-mailed Hacking Team with support questions.
Hacking Team CEO David Vincenzetti has reportedly congratulated his team for a job well done in creating the Money Module. This was also revealed in a set of emails between company executives and developers. In an email from the group’s software architect Alberto Ornaghi “information we can get are: addressbook (list of all contacts and local accounts of the target), files (the wallet itself, containing the money and spend it for private keys), transactions (transaction history in/out of the target , useful for making correlations).”