F*ck you Hacking Team! From Portugal, with Love, fG! presented at Shakacon 2014

by fG!

Summary: This presentation will be dedicated to reversing the OS X version of Hacking Team's commercial spyware. The latest samples found in the wild have the backdoor module packed with MPRESS to “avoid” easy reverse engineering, so my goal is to spend some time talking about the packer, how to unpack it, and how to build an automatic unpacker, and then dedicate some time to introducing the different pieces of this malware, its features and implementation, and how it is evolving from the first known samples.