The mysterious tragicomic hacking group The Shadow Brokers continues to dump incredibly compromising cyberweapons and internal information looted from the NSA, accompanied by Borat-compliant gibberish that reads like someone trying to make you guess whether there's a false flag in play, and if so, who is waving it.
The latest dump doesn't just include a bunch of Windows 0-days, it also includes reports of NSA attacks on the world's banks through compromises to the SWIFT payment system. These reports -- and instructions for repeating the feats described in them -- target Middle Eastern banks.
Friday's dump also contains code for hacking into banks, particularly those in the Middle East. According to this analysis by Matt Suiche, founder of Comae Technologies, Jeepflea_Market is the code name for a 2013 mission that accessed EastNets, the largest SWIFT service bureau in the Middle East. EastNets provides anti-money laundering oversight and related services for SWIFT transactions in the region. Besides specific data concerning specific servers, the archive also includes reusable tools to extract the information from Oracle databases such as a list of database users and SWIFT message queries.
"This would make a lot of sense that the NSA compromise this specific SWIFT Service Bureau for Anti-money laundering (AML) reasons in order to retrieve ties with terrorists groups," Suiche wrote. "But given the small number (120) of SWIFT Service Bureau, and how easy it looks like to compromise them (e.g. 1 IP per Bank) — How many of those Service Bureau may have been or are currently compromised?"
Suiche also found evidence that Al Quds Bank for Development and Investment, a bank in Ramallah, Palestine, was specifically targeted.
NSA-leaking Shadow Brokers just dumped its most damaging release yet
[Dan Goodin/Ars Technica]
Remember when Malcolm Turnbull, the goddamned idiot who was briefly Prime Minister of Australia, was told that the laws of mathematics mean that there was no way to make a cryptography system that was weak enough that the cops could use to spy on bad guys, but strong enough that the bad guys couldn't use […]
Peter writes, "ThingsCon, our Berlin-based non-profit for a more responsible IoT, launches a trustmark for IoT - the Trustable Technology Mark. Cory gave some input to it a while back already, and finally it's launch day: We want to highlight the best work in IoT, the best/most respectful of users' rights, privacy and security. It's […]
How bad is the Marriott/Starwood breach disclosed today? “Unauthorized access to the Starwood network since 2014 … For approximately 327M of these guests, the info includes some combination of name, mailing address, phone number, email address, passport number.” Marriott says information from as many as 500 million people has been compromised, and credit card numbers […]
So you’ve got a good eye for pictures? We’ve got a good eye for deals. And this holiday, there are some solid deals out there for photographers. Check out some of our favorite recent discounts on gear, software, and e-learning for photogs of any experience. Gadgets RevolCam: The Multi-Lens Photo Revolution for Smartphones This […]
Take a scroll through any app marketplace and you’ll see that the doors are wide open for any game these days – and any game developer. Like any creation, virtual or analog, it all starts with an idea. And if you’ve got one of those, the Complete Unity Game Developer Bundle can walk you the […]
At the rate the world is shrinking, you don’t need to be a globetrotter for a second language to be a useful skill. And if you’re looking to learn that second language (or a third, or fourth), uTalk Language Education is the learning program that makes progression not only easy but fun. If you can’t […]