US may have hacked into ME banks

US may have hacked into ME banks

The Shadow Brokers-the mysterious person or group that over the past eight months has leaked a gigabyte worth of the National Security Agency's weaponized software exploits-just published its most significant release yet. The releases are published with odd and misspelled blog posts, and recent posts have been critical of the Trump administration. The company has checked its servers and found no compromise or any vulnerabilities. Hickey said it exploits Windows systems over TCP ports 445 and 139. Hackers use them to insert back doors for continued access, eavesdropping or to insert other tools.

The SWIFT service bureau, EastNet, appears to have made network design choices that reduced security and would make it easy to attack all of the banks attached to the network, said Tentler.

Reuters could not independently confirm that EastNets had been hacked. "It's a huge slap on the face of NSA", said Bulgarian antivirus expert Vesselin Bontchev in an email.

"The threat is very persistent, adaptive and sophisticated - and it is here to stay", SWIFT said in the November letter to client banks, seen by Reuters.

The slide referred to ASA firewalls.

"This is the equivalent of hacking all the banks in the region without having to hack them individually", says Suiche, founder of UAE-based incident response and forensics startup Comae Technologies.

The spreadsheet indicates that the NSA was interested in Al Hilal Islamic Bank, Al Quds Bank for Development and Investment, Arab Petroleum Investments Corporation-Bahrain, Arcapita Bank, the Dubai Gold and Commodities Exchange, Kuwait Petroleum Corp., Kuwait Fund for Arab Economic Development, Masraf Al Rayan, Noor Bank, Palestine Investment Bank, the Palestine Monetary Authority, Qatar First Investment Bank, Rasmala Investment Bank, Shamil Bank of Yemen and Bahrain, Tadhamon International Islamic Bank, United Bank and a few shared servers.

And while little is known about the so-called OddJob implant, it appears to have exploits for nearly every version of Windows 2000 and later, including some server editions, some of which may still work. Four of the vulnerabilities were blocked by comprehensive updates on March 14.

The exploits target a variety of Windows servers and Windows operating systems, including Windows 7 and Windows 8. The company's security systems are capable of detecting attacks against customers, and Microsoft in the past has monitored discussion about exploits on the Internet and also hired former intelligence agency veterans to help it devise programming to protect its software from encroachment.

He added that NSA "completely hacked" EastNets, one of two SWIFT service bureaus named in the documents that were released by the Shadow Brokers. Besides specific data concerning specific servers, the archive also includes reusable tools to extract the information from Oracle databases such as a list of database users and SWIFT message queries.

The Good Friday timing is especially bad because, as the LawFare blog points out, all sorts of juvenile hackers (known as "script kiddies") will be active over the holiday weekend, while many defenders will be away.

Related:

Comments

Latest news

Insider Trading at Micron Technology Inc.?
The share price has moved forward from its 20 days moving average 9.16% and positively from its 50 days moving average 16.52%. The sale was disclosed in a legal filing with the Securities & Exchange Commission, which is available through this link .

Zuma's Birthday Is Now National Day of Action
South Africa's economy has grown lethargically over the last six years and the jobless rate stands near record levels. On Change.org, the most successful political petition is also related to Zuma and has 42 683 signatures.

Newcastle Jets lose another coach
The Newcastle Jets made the announcement on Easter Sunday, less than 24 hours after Saturday's 2-0 loss to premiers Sydney FC. Newcastle had been on track to finish in the top six, before conceding 19 goals without scoring in a 10 game winless run.

Israel condemns Le Pen comments on roundup of Jews in WWII
Socialist presidential contender Benoit Hamon said that when Marine Le Pen "doesn't like history, she twists it". Jewish groups and the Israeli government criticised Le Pen. "It makes me throw up", he said on Franceinfo radio.

North Korea warns against U.S. 'hysteria' as it marks founder's birth
It said the Trump administration's "serious military hysteria " has reached a "dangerous phase which can no longer be overlooked". Analysts say the country appears to be preparing a missile launch or nuclear test that may coincide with the anniversary.

Other news