Files released by the hacker group Shadow Brokers suggest the United States National Security Agency penetrated the SWIFT banking network and monitored several Middle East banks, according to Associated Press.
According to computer security analysts, the files also show that the NSA had found and exploited numerous vulnerabilities in a range of Microsoft Windows products widely used on computers around the world.
Analysts generally accepted the files, which show someone exploiting zero-day vulnerabilities in common software and hardware, came from the NSA. The NSA appears to have monitored transactions involving several banks and financial institutions in Kuwait, Dubai, Bahrain, Jordan, Yemen and Qatar.
The files appear to indicate that the NSA had infiltrated two of SWIFT’s service bureaus, including EastNets, which provides technology services in the Middle East for the Belgium-based SWIFT and for individual financial institutions.
“The tools and exploits released … have been specifically designed to target earlier versions of the Windows operating system,” security specialist Pierluigi Paganini said on the Security Affairs website.
They “suggest the NSA was targeting the SWIFT banking system of several banks around the world”.
The stolen files are believed to have been taken from a secretive hacking unit, dubbed the Equation Group, at the key US signals intelligence agency.
In a statement on its website, EastNets rejected the allegations.
“The reports of an alleged hacker-compromised EastNets Service Bureau network is totally false and unfounded,” it said.
“We can confirm that no EastNets customer data has been compromised in any way.”
SWIFT said in a statement that the allegations involve only its service bureaus and not its own network.
“There is no impact on SWIFT’s infrastructure or data, however we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorised third parties. We have no evidence to suggest that there has ever been any unauthorised access to our network or messaging services.”
Shadow Brokers first surfaced last year, offering a suite of hacking tools from the NSA for sale. There were no takers at the stated price – tens of millions of dollars – and since then, the hacker or hackers have leaked bits of it for free.
Analysts say many of the exploits revealed appear to be three years old or more, but have some unknown vulnerabilities that could still be used by other hackers.
No one has yet discovered the identity of Shadow Brokers, or of the hackers that gained access to the NSA materials.
