We all know the NSA has the tools to spy on virtually everyone, but now hacking group Shadow Brokers has released a data dump that has allegedly come from the NSA, which details that the US spy agency can hack international banks - and more important,yl the SWIFT network through Windows PCs and servers that are used during global financial transfers.
What is the SWIFT? It's used by banks as a security measure for fraud, as it's used to validate ones back account - and vica versa. There are trillions of dollars per day that get transferred through SWIFT, with over 11,000 banks and securities organizations in over 200 countries using SWIFT. The NSA allegedly claimed in its now hacked and released article that the "box has been implanted and we are collecting", which Wired explains as the "jargon used by the NSA to indicate spyware has been successfully implanted on a computer".
Security researcher Matt Suiche said that the IP addresses that are next to the financial institutation in the documents do not line up with the real IP addresses of the machines at the institutions. The IP addresses that were listed were to machines at EastNets, which is the largest SWIFT branch in the Middle East, which manages all of the payments for financial clients. Suiche explains: "This is the equivalent of hacking all the banks in the region without having to hack them individually".
NSA whistleblower Edward Snowden even chimed in on the claims that EastNet weren't compromised, with the official Twitter page to EastNet responding to the situation tweeting "No credibility to the online claim of a compromise of EastNets customer information on its SWIFT service bureau". Snowden wasn't having any of that, tweeting back: "Their systems were inarguably and very seriously hacked", with a follow up tweet of "This is not a drill. #NSA exploits affecting many fully-patched Windows systems have been released into the wild. NSA did not warn Microsoft".
Microsoft reached out to Wired with a statement saying: "We are reviewing the report and will take the necessary actions to protect our customers".
But, are the hackers done? No. No, they're not. Shadow Brokers said in a blog post that this leak won't be their last, saying "Maybe if all suviving WWIII theshadowbrokers be seeing you next week. Who knows what we having next time?".