Early last year, we reported that HackingTeam have found a way to actively monitor mobile devices running leading smartphone platforms. The list included iOS, Android, BB10 and Windows Phone devices. At that time, they revealed that “active monitoring” on Windows Phone devices was done using a OS Zero day vulnerability in Windows Phone OS allowing 3rd party code to execute as trusted app.
Recently, HackingTeam itself became victim of hacking and sensitive documents of them were leaked online. Today, the source code of Windows Phone Spy program which they have been selling to government agencies got leaked online. We are yet to confirm whether one can build a spy program out of this leaked source code. But we can confirm that this spy program has source code which could track SMS, Email, Calls, Calendar, Battery, access to camera, geolocation and microphone of the device and more. Another important thing related to this spy program is the delivery mechanism, if it is not available, then this leaked source code will not be of much use.
Former Microsoft employee Justin Angel tweeted the following regarding this source code leak.
JustinAngel: Good news: Microsoft can easily detect all WP8 devices infected with #HackingTeam’s app. Single app ID: 11B69356-6C6D-475D-8655-D29B240D96C8
Justin Angel analyzed the leaked source code and found that this is just a regular Windows Phone app which abuses app permissions. It is not making using of any OS exploits as claimed by its developers.
Thanks to Justin for the heads up.