Thursday, 27 July 2017
Latest news
Main » Hacked files suggest NSA penetrated SWIFT, Middle East banks

Hacked files suggest NSA penetrated SWIFT, Middle East banks

16 April 2017

The mysterious hacker group known as "Shadow Brokers" released files late on Friday showing that the US National Security Agency (NSA) had found and exploited numerous vulnerabilities that allowed them to penetrate the SWIFT banking network.

There are trillions of dollars per day that get transferred through SWIFT, with over 11,000 banks and securities organizations in over 200 countries using SWIFT.

"[There is] no credibility to the online claim of a compromise of EastNets customer information on its Swift service bureau", the company said in a statement to Khaleej Times.

"We can confirm that no EastNets customer data has been compromised in any way".

Aside from the mystery surrounding the patching of these vulnerabilities one month ahead of the exploits, the other major question is how multiple security researchers and news outlets all incorrectly reported the exploits targeted fully updated products that remained supported by Microsoft. However, SWIFT and EastNets told reporters that there has been no unauthorized access so far on its networks.

Shook warned that the code could be used in operations similar to last year's theft of $81 million from the Bangladesh central bank.

The "auction" file materials were underwhelming, but today those wiley and sarcastic (and probably Russian) hackers dumped the really incredible stuff: operational notes from the NSA's active targeting of banks in the Middle East and the NSA's collection of Microsoft Windows exploitation tools.

Woman fatally stabbed by Palestinian in Jerusalem, authorities say
As the train approached Kikar Tzahal, he reportedly stood up from his seat, pulled out a knife and stabbed a fellow passenger. Israel says at least 162 of the Palestinians killed had carried out stabbing, shooting or vehicle ramming attacks.

Analysis The Shadow Brokers have leaked more hacking tools stolen from the NSA's Equation Group - this time easy-to-use exploits that attempt to hijack venerable Windows systems, from Windows 2000 up to Server 2012 and Windows 7 and 8. In addition to the released files, Shadow Brokers announced an "auction" for the sale of an addition batch of NSA tools.

A collective of security researchers have analyzed the leaked exploits yesterday afternoon, which helped us put a list of all the exploits, here.

The newly leaked set of documents were published by a group calling itself TheShadowBrokers.

"This is not a drill", former NSA contractor Edward Snowden tweeted Friday.

Qatar First Investment Bank, Arab Petroleum Investments Corporation Bahrain, Dubai Gold and Commodities Exchange, Tadhamon International Islamic Bank, Noor Islamic Bank, Kuwait Petroleum Company and Qatar Telecom, are just a few of the financial institutions that were targeted by the NSA, according to the leaked files.

"The NSA knew their hacking methods were stolen past year, but refused to tell software makers how to lock the thieves out".

Some of the documents released by the Shadow Brokers were dated 2013, but others were not dated. The NSA has not yet commented on the leak. Luckily, when it comes to the recently leaked Windows exploits, Microsoft was already prepared - now supported versions of the operating system are not impacted. Microsoft stopped releasing routine security updates for Windows XP in 2014, but some businesses and individual users continue to use Windows XP. Microsoft says it patched this one in MS10-061. A Microsoft spokesperson provided a statement via e-mail, stating that "we are reviewing the report and will take the necessary actions to protect our customers".