An organization known as The Shadow Brokers has released a new leak that contains evidence of another hack. This time, however, the hack wasn't carried out by a regular criminal organization. No, this time, the suspect is the National Security Agency. According to the leak released by the Shadow Brokers, the NSA has hacked a network system that banks use for transferring money.
Matt Suiche, the founder of a cyber security firm called Comae and of the Dubai cyber security conference OPCDE, has stated that this is the most interesting release that this shadowy group of malicious leakers has published so far.
For those who don't yet know, the Shadow Brokers first appeared last summer, when they attempted to auction hacking tools that were stolen from the Equation Group, a group supposedly connected to the NSA.
They first released the source code as proof that they really had what they claimed to be selling. The code seems to be authentic. One of the unique, secret tracking codes mentioned in the hacking tool that the Brokers released matches a code from an unreleased file in the Edward Snowden archives, as The Intercept discovered.
This new file archive contains documents indicating that the NSA may have hacked BCG and EastNet, which are SWIFT service bureaus in South America and the Middle East. The archive also contains internal network architecture and login credentials.
SWIFT is an internationally used system that financial institutions use to send funds-transfer requests. Someone who has accessed one of the service bureaus could easily see the money transactions between the banks.
Suiche added that this file contains evidence of the biggest SWIFT Service Bureau infection ever seen.
SWIFT was also hacked recently in another, completely separate incident, which was believed to be the work of a North Korean hacking team called Lazarus. During this robbery, hundreds of millions of dollars were stolen.
Yet another group of documents found in the release contains hacking methods that work on Windows computers. It is unknown how many of the flaws these methods use have been fixed so far, since some of the files are not recent. The last file release from the group included operating system vulnerabilities that were borderline archaic.
Whenever the Brokers dump a file with security vulnerabilities, hackers try to exploit them. Meanwhile, the vendors of the vulnerable products work around the clock in an attempt to patch them.
Since the Brokers repeatedly failed to sell the files at the price they demanded, they claimed that they were giving up on selling the data.
They had been quiet since January and resumed activity this weekend, when they released another set of files. This time, their target was Donald Trump, and the release was a form of protest because they felt that he had abandoned the promises he made during the elections. The group claims to have voted for Trump, even though their messages are often in broken English.