Hackers expose NSA financial spying arsenal, global banking system potentially at risk
Hacking group Shadow Brokers has released a data dump allegedly stolen from the NSA that details the agency’s ability to hack international banks, as well as the SWIFT network, via Windows PCs and servers used in global financial transfers.
The group’s latest release, dubbed ‘Lost in Translation,’ lists Qatar First Investment Bank, Dubai Gold and Commodities Exchange and Tadhamon International Islamic Bank as allegedly compromised.
It’s now feared that one of the world’s most secure methods of making payment orders has been irrevocably compromised with the NSA’s sophisticated arsenal of hacking tools now freely available online.
This latest leak of US government agency cyber weapons comes just one month after revelations that the CIA had also lost its own array of cyber weaponry on the dark web.
SWIFT is used by banks to transfer trillions of dollars each day. It boasts 11,000 banking and securities organizations in 200 countries across the world as members of its community.
'It's nowhere near the full library' - Edward #Snowden on #NSA hacking tools release https://t.co/4r56MVnGGi pic.twitter.com/crLtlCNtKF
— RT (@RT_com) April 9, 2017
The financial institutions are listed in the documents with a note beside each saying, “box has been implanted and we are collecting” - jargon used by the NSA to indicate spyware has been successfully implanted on a computer, reports Wired.
IP addresses listed alongside the institutions do not correspond to machines at the institutions, according to security researcher Matt Suiche.
Instead, the IP addresses correspond to machines at EastNets, the largest SWIFT Bureau in the Middle East, which manages payments for financial clients.
“This is the equivalent of hacking all the banks in the region without having to hack them individually,” Suiche said.
In a tweet, EastNets claimed there was no credibility to claims their machines were compromised.
No credibility to the online claim of a compromise of EastNets customer information on its SWIFT service bureau... https://t.co/LUYUBwg7k0
— EastNets (@EastNets) April 14, 2017
However, NSA whistleblower Edward Snowden took to Twitter to call EastNets’ bluff.
This. Their systems were inarguably and very seriously hacked. https://t.co/LaGgAZ3FGU
— Edward Snowden (@Snowden) April 14, 2017
In addition, he stated that any and all financial services systems that operate Windows are vulnerable to attack, as the NSA’s hacking arsenal is now widely available and relatively easy to use for anyone with the requisite skill set.
This is not a drill: #NSA exploits affecting many fully-patched Windows systems have been released to the wild. NSA did not warn Microsoft. https://t.co/2H8F7vH7fW
— Edward Snowden (@Snowden) April 14, 2017
In a statement to Wired, Microsoft said, “We are reviewing the report and will take the necessary actions to protect our customers.”
Last week, the Shadow Brokers protested Donald Trump’s involvement in Syria when they released a password that unlocked a trove of NSA exploits. The release was accompanied by the message “Don’t forget your base.”
In a blog post, the Shadow Brokers said the latest leak may not be their last, saying “Maybe if all suviving WWIII theshadowbrokers be seeing you next week. Who knows what we having next time?”