The U.S. National Security Agency, arguably the world’s best-financed spy agency, reportedly compromised the global banking system by hacking into the firm that oversees payments for dozens of banks and other firms.
The hacker group Shadow Brokers, which hinted there’s more to come, released a batch of documents Friday that, if genuine, indicate the NSA hacked into EastNets, which oversees global SWIFT transactions for dozens of clients, particularly in the Middle East, Wired reported.
Hackers have been targeting SWIFT, the Society for Worldwide Interbank Financial Telecommunication co-operative, which eases international transactions. It originally was established in Brussels to develop a global communications link for data processing and a common language for financial transactions. It operates as a messaging system for such things as letters of credit, payments and securities transactions between banks.
North Korea is suspected of using SWIFT to target the Union Bank of India in an attempt to steal $170 million in July 2015, similar to the cyberheist of $81 million against the Bangladesh Bank.
TechCrunch reported the data dump keyed on exploits centered around the SWIFT Alliance Access.
“Is being too bad nobody deciding to be paying theshadowbrokers for just to shutup and going away. TheShadowBrokers rather being getting drunk with McAfee on desert island with hot babes,” the group said in announcing the release.
The NSA is not suspected of going after funds, just a little quiet spying by implanting spyware at various IP addresses to ferret out the flow of money to terror groups or other extremists, Wired said.
“This is the equivalent of hacking all the banks in the region without having to hack them individually,” Matt Suiche, founder of UAE-based incident response and forensics startup Comae Technologies, told Wired. “You have access to all their transactions.”
Suiche predicted an international backlash given that the targets involved are in U.S.-friendly countries.
Friday’s leak included NSA hacking tools for Windows PCs and servers, including a “framework” tool called FuzzBunch. The tools, however, are for pre-Windows 10 operating systems.
The Shadow Brokers last year dumped malware it said came from the Equation Group, which is associated with the NSA.
Both TechCrunch and Wired said they had received no comment from either the NSA or Microsoft.