Published: Sun, April 16, 2017
IT&Software | By Jimmie Castillo

Hacker documents show NSA tools for breaching global money transfer system

Hacking group Shadow Brokers has released a data dump allegedly stolen from the NSA detailing the agency's ability to hack worldwide banks, including the SWIFT network, via Windows PCs and servers used for global financial transfers.

The SWIFT messaging system, which is headquartered in Belgium, is used by banks to transfer trillions of dollars each day.

The Shadow Brokers, an unidentified group or persons, has hacked the NSA for the past eight months and have leaked a gigabyte of NSA data.

One of SWIFT's service bureaus, the Dubai-based EastNets, which was allegedly among those hacked, strongly rejected the claims as "totally false and unfounded". SWIFT stated that there was no indication that their main network had been accessed by unauthorized users.

The company, which helps connect customers to the financial world's electronic backbone, SWIFT, said the ShadowBrokers documents referred to a "low-level internal server" that had since been retired and that a "complete check" of its systems had turned up no evidence of any compromise.

North Korea is suspected of using SWIFT to target the Union Bank of India in an attempt to steal $170 million in July 2015, similar to the cyberheist of $81 million against the Blangladesh Bank.

"The tools and exploits released today have been specifically created to target earlier versions of Windows operating system", said security specialist Pierluigi Paganini on the Security Affairs website.

According to another report in Fortune, the group - believed to be tied to the Russian government - also released a set of confidential hacking tools used by USA intelligence organisation the NSA to exploit software vulnerabilities in Microsoft Windows software.

10 best tributes on 'Jackie Robinson Day'
In 2004, the Major League Baseball chose to honor Robinson's memory by celebrating Jackie Robinson Day. I've had the good fortune of playing with players from more than 10 countries throughout my career.

Microsoft said on Friday that, "other than reporters, no individual or organization has contacted us in relation to the materials released by Shadow Brokers". Swift service bureaus are companies that provide an access point to the Swift system for the network's smaller clients and may send or receive messages regarding money transfers on their behalf. One such researcher, Matthew Hickey (known as "Hacker Fantastic") later noted that his tests were run on a fresh install of Windows - in other words, it was missing March's patches - which as a result he later discounted.

"This is not a drill", former NSA contractor Edward Snowden tweeted Friday.

"The NSA knew their hacking methods were stolen previous year, but refused to tell software makers how to lock the thieves out".

Experts believe that the blowback of the Shadow Brokers' latest release will likely leave the intelligence community reeling for quite a while.

Beaumont said there was bad news in the release for Microsoft as well.

The NSA did not immediately return an email seeking comment. Microsoft Security Response Center, naturally, recommends that users keep their machines up to date to ensure that they're protected.

Files released by "Shadow Brokers" also suggest the NSA exploited weaknesses in Microsoft Windows products.

Like this: