Memento Labs: The Spyware Company Rising From Hacking Team’s Ashes
In the shadowy world of digital surveillance, few names are as infamous as Hacking Team. This Italian company gained notoriety for selling powerful spying tools to governments across the globe, including authoritarian regimes who used the technology to target journalists, activists, and political dissidents. After a devastating hack in 2015 exposed its secrets and clients, the company collapsed under the weight of scandal.
However, the expertise and technology behind Hacking Team did not simply disappear. Instead, they have re-emerged under a new name: Memento Labs. This organization represents the next chapter in commercial spyware, demonstrating that even a high-profile downfall can’t always keep sophisticated surveillance tools off the market.
The Rebirth of a Surveillance Giant
Evidence strongly indicates that Memento Labs is the direct successor to Hacking Team, staffed by many of the same key executives and engineers. Operating from the same Italian base, the company continues the business of developing and selling “lawful interception” tools to law enforcement and intelligence agencies worldwide.
While the company presents its products as tools for fighting crime and terrorism, the history of its predecessor raises serious concerns. The core issue remains the same: once these powerful surveillance tools are sold, there is little to no control over how they are ultimately used. The potential for abuse is immense, turning tools meant for criminals against innocent civilians, political opponents, and advocates for human rights.
How the Spyware Works
The surveillance suite offered by Memento Labs is a powerful and invasive form of spyware, designed to be deployed against both Android and iOS devices, as well as desktop computers. Its capabilities are extensive and represent a total loss of privacy for anyone targeted.
Once a device is infected, the spyware can:
- Intercept all communications, including phone calls, text messages, and chats from encrypted apps like WhatsApp and Signal.
- Track the device’s real-time GPS location and access historical location data.
- Remotely activate the device’s microphone and camera to secretly record conversations and capture images.
- Log every keystroke, capturing passwords, search queries, and private messages as they are typed.
- Access all stored files, including photos, documents, and contact lists.
Infection is often achieved through sophisticated means, such as exploiting zero-day vulnerabilities—security flaws that are unknown to the device manufacturer and have no available patch. Attackers frequently use social engineering tactics, sending a carefully crafted message with a link that, once clicked, silently installs the spyware without the user’s knowledge. In essence, these tools turn your phone into a 24/7 surveillance device, all controlled by a remote operator.
The Enduring Threat of Commercial Spyware
The story of Memento Labs is a critical reminder of the dangers posed by the commercial spyware industry. Companies operating in this space provide nation-state-level hacking capabilities to any government willing to pay the price. This privatization of digital espionage creates a dangerous global market where surveillance tools can proliferate with minimal oversight.
The primary danger is the inevitable “dual-use” problem. A tool sold to a democratic nation to track a suspected terrorist can be sold to an authoritarian regime to hunt down a journalist. The technology itself is neutral; its application is not. This reality puts activists, reporters, and anyone deemed a threat by an oppressive government at severe risk.
How to Protect Yourself from Advanced Mobile Threats
While tools from developers like Memento Labs are highly sophisticated, you can still take fundamental steps to enhance your digital security and make yourself a harder target.
- Keep Your Devices Updated: The most critical defense is to always install operating system and application updates as soon as they are available. These updates frequently contain patches for security vulnerabilities that spyware tries to exploit.
- Beware of Suspicious Links: Be extremely cautious about clicking on links or downloading attachments from unknown or untrusted sources, whether they arrive via email, text message, or social media. This is the most common infection vector.
- Use Strong Security Practices: Enable a strong, unique passcode for your device and enable two-factor authentication (2FA) on all your important online accounts.
- Review App Permissions: Regularly check the permissions you have granted to the apps on your phone. Does a simple game really need access to your microphone and contacts? Revoke any permissions that seem unnecessary.
- Consider Advanced Protection: For individuals at high risk of being targeted, features like Apple’s Lockdown Mode can significantly reduce the attack surface of your device, making it much harder for spyware to compromise.
The rise of Memento Labs from the ashes of Hacking Team proves that the market for powerful surveillance tools is resilient. As long as there is a demand from governments for this technology, companies will emerge to supply it. For everyday users, maintaining a high degree of security vigilance is no longer optional—it is an essential part of modern digital life.
Source: https://securityaffairs.com/183913/apt/memento-labs-the-ghost-of-hacking-team-has-returned-or-maybe-it-was-never-gone-at-all.html
