Hackers reveal documents showing NSA breached SWIFT money transferring system

Rodiano Bonacci
Aprile 17, 2017

The exploits were believe to have originated from the National Security Agency as part of its work to monitor money flow in the SWIFT interbank messaging system.

It may be recalled that a year ago, hacking tools that were confirmed to belong to the NSA's so-called Equation Group were stolen in one of the biggest breaches of classified files since the Edward Snowden revelations.

The exploits, published by the Shadow Brokers yesterday, contained vulnerabilities in Windows computers and servers.

The Microsoft statement has led to security researchers speculating how the company came to be aware of these exploits and whether the NSA was the informant.

"This reportedly gave the U.S. spy service a window into the financial activities of a range of organisations, including those belonging to firms in Qatar, Dubai, Abu Dhabi, Syria, Yemen and the Palestinian territories", said a report in The Wired on Saturday.

EastNets ran a "complete check of its servers and found no hacker compromise or any vulnerabilities", according to a statement from EastNets' chief executive and founder, Hazem Mulhim.

"The SWIFT network as a messaging network being compromised is extremely worrying".

But the contents of the leak appeared to suggest otherwise. Inside, it has documents listing the internal structure at EastNets, a Dubai-based bank and anti-money laundering organization. Security experts who tested the tools, leaked by a group called the Shadow Brokers, found that they worked.

Fairfax was not able to verify the authenticity of the files - and the NSA has not commented on the leak.

The exploits are aimed at a number of Windows servers and Windows operating systems, including Windows 7 and Windows 8.

Earlier Friday, Microsoft had said the company had not been warned by the government or other outsiders about the stolen programs. Microsoft didn't elaborate, and only said "Addressed prior to the release of Windows Vista".

As promised, the Shadow Brokers dumped a series of Windows hacking tools, some of which they put up for sale in a public auction last December and January. But Microsoft said it has already patched the flaws. A year ago hackers stole $81 billion Dollars from the Bangladesh central bank, which utilizes the SWIFT messaging system. Belgium-based Swift downplayed the risk of attacks employing the code released by hackers. The security threat is apparently reduced in just few hours. SWIFT stated that there was no indication that their main network had been accessed by unauthorized users.

But the organisation said that the local messaging systems of some Swift client banks had been breached. According to the company, "The EastNets Service Bureau runs on a separate secure network that can not be accessed over the public networks". In the words of the Shadow Broker's latest message, "Who knows what we having next time?"

"That's information you can only get if you compromise the system", he said.

Leaked documents claim the NSA targeted Middle Eastern banks with its Windows hacking tools.

If legitimate, the files released by Shadow Brokers would be the most significant exposure of NSA files since the leaks in 2013 by former USA intelligence contractor, Edward Snowden.

Altre relazioniGrafFiotech

Discuti questo articolo

Segui i nostri GIORNALE