Hackers expose NSA financial spying arsenal, global banking system potentially at risk

14 Apr, 2017 21:07 / Updated 8 years ago

Hacking group Shadow Brokers has released a data dump allegedly stolen from the NSA that details the agency’s ability to hack international banks, as well as the SWIFT network, via Windows PCs and servers used in global financial transfers.

The group’s latest release, dubbed ‘Lost in Translation,’ lists Qatar First Investment Bank, Dubai Gold and Commodities Exchange and Tadhamon International Islamic Bank as allegedly compromised.

It’s now feared that one of the world’s most secure methods of making payment orders has been irrevocably compromised with the NSA’s sophisticated arsenal of hacking tools now freely available online.

This latest leak of US government agency cyber weapons comes just one month after revelations that the CIA had also lost its own array of cyber weaponry on the dark web.

SWIFT is used by banks in the transfer trillions of dollars each day. It boasts 11,000 banking and securities organizations in 200 countries across the world as members of its community.

The financial institutions are listed in the documents with a note beside each saying, “box has been implanted and we are collecting” -  jargon used by the NSA to indicate spyware has been successfully implanted on a computer, reports Wired.

IP addresses listed alongside the institutions do not correspond to machines at the institutions, according to security researcher Matt Suiche.

Instead the IP addresses are listed to machines at EastNets, the largest SWIFT Bureau in the Middle East, managing payments for financial clients.

“This is the equivalent of hacking all the banks in the region without having to hack them individually,” Suiche said.

In a tweet, EastNets claimed there was no credibility to claims their machines were compromised.

However, NSA whistleblower Edward Snowden took to Twitter to call EastNets’ bluff.

In addition, he stated that any and all financial services systems that operate Windows are vulnerable to attack, as the NSA’s hacking arsenal is now widely available and relatively easy to use for anyone with the requisite skill set.

In a statement to Wired, Microsoft said, “We are reviewing the report and will take the necessary actions to protect our customers.”

Last week, the Shadow Brokers protested Donald Trump’s involvement in Syria when they released a password that unlocked a trove of NSA exploits. The release was accompanied by the message “Don’t forget your base.”

READ MORE: Shadow Brokers hackers release NSA hacking tools to punish Trump for ‘abandoning’ his base

In a blog post, the Shadow Brokers said the latest leak my not be their last, saying “Maybe if all suviving WWIII theshadowbrokers be seeing you next week. Who knows what we having next time?”