US may have hacked into ME banks

The Shadow Brokers, the mysterious person or group that over the past eight months has leaked a gigabyte worth of the National Security Agency's weaponized software exploits, just published its most significant release yet. The releases are published with odd and misspelled blog posts, and recent posts have been critical of the Trump administration. The company has checked its servers and found no compromise or any vulnerabilities. Hickey said it exploits Windows systems over TCP ports 445 and 139. Hackers use them to insert back doors for continued access, eavesdropping or to insert other tools.

The SWIFT service bureau, EastNets, appears to have made network design choices that reduced security and would make it easy to attack all of the banks attached to the network, said Tentler.

Reuters could not independently confirm that EastNets had been hacked. "It's a huge slap on the face of NSA", said Bulgarian antivirus expert Vesselin Bontchev in an email.

"The threat is very persistent, adaptive and sophisticated - and it is here to stay", SWIFT said in the November letter to client banks, seen by Reuters.

The slide referred to ASA firewalls.

"This is the equivalent of hacking all the banks in the region without having to hack them individually", says Suiche, founder of UAE-based incident response and forensics startup Comae Technologies.

The spreadsheet indicates that the NSA was interested in Al Hilal Islamic Bank, Al Quds Bank for Development and Investment, Arab Petroleum Investments Corporation-Bahrain, Arcapita Bank, the Dubai Gold and Commodities Exchange, Kuwait Petroleum Corp., Kuwait Fund for Arab Economic Development, Masraf Al Rayan, Noor Bank, Palestine Investment Bank, the Palestine Monetary Authority, Qatar First Investment Bank, Rasmala Investment Bank, Shamil Bank of Yemen and Bahrain, Tadhamon International Islamic Bank, United Bank and a few shared servers.

And while little is known about the so-called OddJob implant, it appears to have exploits for nearly every version of Windows 2000 and later, including some server editions, some of which may still work. Four of the vulnerabilities were blocked by comprehensive updates on March 14.

The exploits target a variety of Windows servers and Windows operating systems, including Windows 7 and Windows 8. The company's security systems are capable of detecting attacks against customers, and Microsoft in the past has monitored discussion about exploits on the Internet and also hired former intelligence agency veterans to help it devise programming to protect its software from encroachment.

He added that NSA "completely hacked" EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers. Besides specific data concerning specific servers, the archive also includes reusable tools to extract the information from Oracle databases such as a list of database users and SWIFT message queries.

The Good Friday timing is especially bad because, as the Lawfare blog points out, all sorts of juvenile hackers (known as "script kiddies") will be active over the holiday weekend, while many defenders will be away.
