Jump to content

Welcome to nsane.forums

Welcome to nsane.forums, like most online communities you need to register to view parts of our community or to make contributions, but don't worry: this is a free and simple process that requires minimal information. Be a part of nsane.forums by signing in or creating an account.

  • Access special members only forums
  • Start new topics and reply to others
  • Subscribe to topics and forums to get automatic updates

 

Notice: Unfortunately due to some server side issues, registration via Hotmail / Outlook email addresses do not work, members are requested to use some other email addresses like Gmail to register here. We apologize for the inconvenience caused because of it.


Sign in to follow this  
CrAKeN

Shadow Brokers Dump NSA Files Showing SWIFT Infiltration

Recommended Posts

CrAKeN    1,482
CrAKeN

shadow-brokers-dump-nsa-files-showing-sw

 

Hacker group dumps another pile of NSA files

 

The Shadow Brokers hacker group dumped another pile of NSA files on the Internet, some concerning the agency's ways of breaking into Windows systems, and some regarding its targets, namely the SWIFT Service Bureaus. 

 

The fact that the NSA had possibly targeted SWIFT had been known for years, since Edward Snowden's original NSA file leaks. Now, however, this comes into focus once more as there is evidence of exploits targeting two of Swift's Service Bureaus looking for banking data for a number of financial institutions in the Middle East. It is believed that the agency was monitoring funds for terrorist operations.

 

"In this case, if Shadow Brokers claims are indeed verified, it seems that the NSA sought to totally capture the backbone of the international financial system to have a God's eye into a SWIFT Service Bureau - and potentially the entire SWIFT network. this would fit within standard procedure as a covert entity entrusted with covert actions that may or may not be legal in a technical way," wrote researcher Matt Suiche in a blog post.

 

Despite the data coming from the Shadow Brokers, SWIFT claims its infrastructure or data has not been compromised. "There is no impact on SWIFT's infrastructure or data, however, these we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorized third parties," a representative of SWIFT told Threatpost.

 

Huge importance


These SWIFT Service Bureaus are third-party service providers managing and hosting connections to SWIFTNet for financial institutions looking to connect to the network.

 

According to Matt Suiche's explanation, the SWIFT-related archives, called JEEPFLEA, contain credentials and the architecture of EastNets, the largest SWIFT Service Bureau in the Middle East.

 

The bank transactions are handled on an Oracle database running SWIFT software and they include tools used by the NSA to gain data from the Oracle installation, which includes a list of users, and message queries.

 

EastNets, which is one of the targets of the NSA, according to the newly released files, provides a number of services, including anti-money-laundering and antifraud, account information and admin account information. Hazem Mulhim, EastNets CEO and founder, says there is no credibility to the claims his service was compromised.

 

"The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded. [...] The photos shown on twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013," he said. "The EastNets Service Bureau runs on a separate secure network that cannot be accessed over the public networks."

 

His claims, however, were debunked as soon as they were made by Kevin Beaumont, security researcher, who demonstrated that EastNets' network was publicly accessible, with screenshots to back it up.

 

Source

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

Sign in to follow this  

×