Hackers expose NSA financial spying arsenal
Hacking group Shadow Brokers has released a data dump allegedly stolen from the NSA detailing the agency’s ability to hack international banks, including the SWIFT network, via Windows PCs and servers used for global financial transfers.
The group’s latest release, dubbed ‘Lost in Translation,’ lists Qatar First Investment Bank, Dubai Gold and Commodities Exchange and Tadhamon International Islamic Bank as allegedly compromised.
It’s now feared that one of the world’s most secure methods of making payment orders has been irrevocably compromised, with the NSA’s sophisticated arsenal of hacking tools freely available online.
This latest leak of US government agency cyber weapons comes just one month after revelations that the CIA had also lost its own array of cyber weaponry on the dark web.
SWIFT is used by banks to transfer trillions of dollars each day. It boasts 11,000 banking and securities organizations in 200 countries across the world as members of its community.
The financial institutions are listed in the documents with a note beside each saying, “box has been implanted and we are collecting” - jargon used by the NSA to indicate spyware has been successfully implanted on a computer, reports Wired.
IP addresses listed alongside the institutions do not correspond to machines at the institutions, according to security researcher Matt Suiche.
Instead, the IP addresses correspond to machines at EastNets, the largest SWIFT Bureau in the Middle East, which manages payments for financial clients.
“This is the equivalent of hacking all the banks in the region without having to hack them individually,” Suiche said.
In a tweet, EastNets said there was no credibility to claims that its machines were compromised.
In a statement to Wired, Microsoft said, “We are reviewing the report and will take the necessary actions to protect our customers.”
Last week, the Shadow Brokers protested Donald Trump’s involvement in Syria when they released a password that unlocked a trove of NSA exploits. The release was accompanied by the message “Don’t forget your base.”