Besides a cache of potentially damaging zero-day exploits against many versions of Windows, another element of today’s Shadow Brokers release is a folder titled SWIFT. Inside, it has documents listing the internal structure at EastNets, a Dubai-based bank and anti-money laundering organization. Banks use the SWIFT messaging system to transfer trillions of dollars every day, and if the documents released are accurate, it appears the NSA wanted access to monitor transfers between banks in the Middle East.
— Mustafa Al-Bassam (@musalbas) April 14, 2017
Security researcher Mustafa Al-Bassam tweeted that the NSA hacked EastNets “inside out.” Curiously, despite the detailed information released, EastNets put out a statement claiming its systems are secure. According to the company, “The EastNets Service Bureau runs on a separate secure network that cannot be accessed over the public networks. The photos shown on twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013.”
— Edward Snowden (@Snowden) April 14, 2017
Reuters reports that SWIFT also claims there’s no evidence its network has been accessed. Meanwhile, Matt Suiche looked through the documents and writes about what they show, and why EastNets would be such a good target. Back in 2013, Der Spiegel reported that documents released by Edward Snowden showed the NSA targeted SWIFT and Visa, and set up its own financial database to facilitate the spying program.