The hacking group also released details on hacking tools used by intelligence agencies that targeted Windows systems and servers.
Yesterday’s data dump contained tools for hacking various Windows OS versions, and documents revealing the NSA’s alleged implication in the hacking of several banks around the world, and EastNets, one of the SWIFT departments managing and monitoring SWIFT transactions across Middle East banks.
The group also published another set of documents that indicate that NSA penetrated the SWIFT banking network in the Middle East. Since the Shadow Brokers previously said they had obtained NSA exploits, the agency was likely aware of the potential for these hacks to be exposed to the public.
However, SWIFT and EastNets told reporters that there has been no unauthorized access so far on its networks.
Microsoft told CNNTech no one from the government had contacted it about the exploits listed in the dump. Belgium-based SWIFT on Friday downplayed the risk of attacks employing the code released by hackers and said it had no evidence that the main SWIFT network had ever been accessed without authorization.
But the organisation said that the local messaging systems of some Swift client banks had been breached.
Previous year hackers stole $81 billion United States dollars from the Bangladesh central bank, which utilizes the SWIFT messaging system.
The Shadow Brokers are back with another batch of hacking tools allegedly from the National Security Agency that includes Microsoft zero-day exploits and backdoors into SWIFT banking system service bureaus.
The documents appear to show that the NSA compromised the Dubai office of the anti-money laundering and financial services firm EastNets.
As Microsoft mention in the blog post, it has already patched most of the exploits released by the hacker group, which means you’re safe to use any version of Windows 7 and above. “The EastNets Network internal security unit has ran a complete check of its servers and found no hacker compromise or any vulnerabilities”, it said.
The concerns surrounding the transparency of the NSA and its duty to warn a company of an impending attack puts the Vulnerabilities Equities Process (VEP) into question.
Both TechCrunch and Wired said they had received no comment from either the NSA or Microsoft.
Shadow Brokers did not provide a coherent explanation of why they chose to publish the Microsoft and SWIFT vulnerabilities.
SWIFT said in a statement that the allegations involve only its service bureaus and not its own network. And EastNets, based in Dubai, denied it had been hacked in a statement, calling the assertion “totally false and unfounded”.
The hacked tools alarmed famous U.S. whistleblower Edward Snowden, who first uncovered the extent of NSA’s illegal spying in 2013.
Former NSA intelligence contractor Edward Snowden talks to a security conference via a video link from Russian Federation.