Ethiopian Government Paid $1 Million for Spying Software – Hacked Email Shows


DETAILED LOOK AT HACKING TEAM’S EMAILS ABOUT ITS REPRESSIVE CLIENTS : Documents obtained by hackers from the Italian spyware manufacturer Hacking Team confirm that the company sells its powerful surveillance technology to countries with dubious human rights records.

Internal emails and financial records show that in the past five years, Hacking Team’s Remote Control System software — which can infect a target’s computer or phone from afar and steal files, read emails, take photos and record conversations — has been sold to government agencies in Ethiopia, Bahrain, Egypt, Kazakhstan, Morocco, Russia, Saudi Arabia, South Sudan, Azerbaijan and Turkey. An in-depth analysis of those documents by The Intercept shows Hacking Team’s leadership was, at turns, dismissive of concerns over human rights and privacy; exasperated at the bumbling and technical deficiency of some of its more controversial clients; and explicitly concerned about losing revenue if cut off from such clients.

Hacking Team has an unusually public profile for a purveyor of surreptitious technology, and it has drawn criticism because its malware has shown up on the computers of activists and journalists. Most of the countries identified in the leaked files have previously been connected to Hacking Team by human rights researchers working with computer forensics experts. The company has long denied any implication in human rights abuses, regularly pointing reporters to a policy on its website that says it only sells to governments, investigates allegations of human rights abuses and complies with international blacklists.

Ethiopia: “700k is a relevant sum”

Last year, researchers with the Citizen Lab at the University of Toronto identified traces of Hacking Team spyware on the computers of Ethiopian journalists living in Northern Virginia. Ethiopia’s government is ranked as one of the worst in Africa for press freedom, and regularly targets journalists under anti-terrorism laws.

The researchers believed that the journalists, who worked for Ethiopian Satellite Television (ESAT) — a network run largely by expatriates and seen as close to opposition parties — had been attacked by Ethiopia’s Information Network Security Agency, or INSA. (The Citizen Lab researchers included Morgan Marquis-Boire, First Look Media’s director of security and co-author of this article.) At the time, the Ethiopian government’s spokesperson in Washington denied using Hacking Team’s products, telling the Washington Post that Ethiopia “did not use and has no reason at all to use any spyware or other products provided by Hacking Team or any other vendor inside or outside of Ethi­o­pia.”




Then last March, Citizen Lab again published evidence of Hacking Team’s malware, this time in an attachment to an email sent to Neamin Zeleke, ESAT’s managing director. The Ethiopian spokesperson said the county “acts in compliance with its own laws and with the laws of nations.”

Hacking Team refused to confirm its clients but repeated that the company investigated alleged human rights abuses. However, Rabe told the Washington Post, “It can be quite difficult to determine facts, particularly since we do not operate surveillance systems in the field for our clients.”

Emails and internal records clearly show that the incident set off a debate within the company about whether the bad press and potential exposure of Hacking Team technology was worth it.


“[Citizen Lab] found the source of the attack because these geniuses used the same email address they had used in the previous attack to send the doc with the exploit,” the chief technical author wrote in Italian, referring to the Ethiopian clients. Vincenzetti ordered them to temporarily suspend the account.

But the follow-up investigation appears to have consisted of a terse email to their INSA contact stating, “would you please give a detailed explanation regarding the following allegations?” with links to reports.

INSA’s representative replied that Zeleke was targeted as a member of Ginbot7, an opposition political party that the Ethiopian government declared a terrorist group in 2011. “To us, Nemene Zeleke is one of the top leaders of a terrorist organization, not a journalist,” the INSA agent wrote.

Hacking Team seemed placated, but still irritated. Chief Operating Officer Giancarlo Russo wrote to other executives that it “seems that from a legal point of view they are compliant with their own law.”

Rabe, meanwhile, argued that “the issue is their incompetent use of HT tools. They can argue about whether their target was a justified target or not, but their use of the tool several times from the same email address, and in repeatedly targeting and failing to get access is what caused the exposure of our technology.” (Indeed, emails to Hacking Team’s support system show clients complaining about the leak.)

Daniele Milan, Hacking Team’s operations chief, weighed in favor of closing the account, saying that INSA’s “reckless and clumsy usage of our solution caused us enough damage.”

“But I know that 700k is a relevant sum,” he adds in Italian in another email.

The executives eventually decided to reinstate Ethiopia’s license. In May, after a few weeks’ back-and-forth, the company proposed a new contract with more on-the-ground training and supervision — “additional services” that a business development executive noted could add hundreds of thousands of euros to the country’s bill.  Read More on

AddisNews is not responsible for the contents or reliability of any other websites to which we get contents from and provide a link and do not necessarily endorse the views expressed by them.

Related posts

Leave a Reply

Your email address will not be published. Required fields are marked *

Send this to a friend