What if it was a deliberate effort from Hacking Team itself to fake a breach, produce a torrent file to be downloaded and compromise whoever is downloading it?
The size would need to be large enough that whoever is trying to download it will have to stay a relatively long time.
The massive PR hit they're taking means their company will most likely die. And "compromising" someone merely by letting one download stuff is at best a gamble, any decent infosec professional will examine this stuff with the same precautions as when analyzing malware.
This is exactly what I'm talking about: What I'm being downvoted for and what each comment is doing is rationalizing why this simply can't happen. Everyone is confident about what Hacking Team is or isn't doing/thinking.
How can someone be so sure what an entity is thinking or doing? Yes, it's not likely. Yes, it's risky... but what if they were really bold?
The PR hit is a non-issue if it is the case, since they can simply say what happened: "Basically, here's how to own a huge number of very sophisticated people". Make nice slides, and show them at Black Hat or something like that. It's "research".
The icing on the cake would be to present this material to the very security researchers who've been owned. This would be a huge PR stunt since it's basically security researchers who will download the file... And if security researchers are as confident as most people that this simply can't be a con, then all the better :)
It is still not likely, but it would be beautiful.
PS: Something like that happened at NASA many, many years ago. There was a security breach and instead of shutting it down, the security team uploaded a ton of bogus classified files, plans, and reports to keep the guy coming and unsuspecting. Until they got him.
> Yes, it's risky... but what if they were really bold?
Isn't the question really how careless the people downloading the file are?
Is it possible to infect hardware through a virtual machine? Let's just assume it is; what's to stop someone from using a throwaway, one-way laptop? Get fresh laptop, install the tools you need, copy the files over via USB or network, disconnect the laptop and never connect it to anything ever again. What am I missing?
To transfer a lot of data (e.g. analysis results) back from the potentially infected machine, play back the data encoded as audio, record that with another computer and convert it back to binary/plain text/whatever. (There might be better ways but hey)
Sure, most people probably won't bother with any such stuff, and just stick to "only" viewing text files and images etc., but then all HT would have shown is what has been proven with email spam already: that if you can get people to treat unknown files carelessly, not to mention run executables, you can infect them.
It's very easy to spin up rTorrent on some machine not attached to you so this doesn't seem like a very good plan, especially considering the PR damage. Maybe if they managed to embed malware in some commonly trusted file format but that again doesn't seem likely since there are too many viewers, and security researchers will generally be careful.