Published: Sun, April 16, 2017
Technology | By Timothy Carter

Microsoft says users are protected from alleged NSA malware

Microsoft says users are protected from alleged NSA malware

Snowden, for his part, is pointing a finger at the NSA.

On April 8, the group published a batch of NSA exploits it had previously tried, and failed, to sell. Some of the records bear NSA seals, but Reuters could not confirm their authenticity.

Such a hack could have enabled the U.S. to covertly monitor financial transactions, researchers said. And this is not a statement to reassure the anxious populace as the company mentions that it has evaluated all of the exploits released in the dump.

The Swift network allows banks to move money around the world and the leaked files indicate one of its major bureaus, EastNets, may have been hacked.

EastNets ran a "complete check of its servers and found no hacker compromise or any vulnerabilities", according to a statement from EastNets' chief executive and founder, Hazem Mulhim.

But the contents of the leak appeared to suggest otherwise. The release was accompanied by the message "Don't forget your base".

Via that entry point, the agency appears to have monitored transactions involving several banks and financial institutions in Kuwait, Dubai, Bahrain, Jordan, Yemen and Qatar.

If the leaked files which are claimed to be NSA's spy tools are real, the information will pose a serious threat to the SWIFT network. As advised by Microsoft, people using previous versions of Windows prior to Windows 7 should start thinking about updating the computer's operating system.

A Microsoft spokesman declared for ZDNet that "We are reviewing the report and will take the necessary actions to protect our customers".

Beaumont said there was bad news in the release for Microsoft as well.

Shadow Brokers did not provide a coherent explanation of why they chose to publish the Microsoft and SWIFT vulnerabilities. Understandingly, customers have expressed concerns around the risk this disclosure potentially creates. These exploits are particularly troublesome because, by definition, they have not been patched. Past year hackers stole $81 billion Dollars from the Bangladesh central bank, which utilizes the SWIFT messaging system.

The latest dump doesn't just include a bunch of Windows 0-days, it also includes reports of NSA attacks on the world's banks through compromises to the SWIFT payment system. Belgium-based SWIFT said Friday that it had no evidence that the main SWIFT network had been accessed. However, the firm did concede to the possibility that the local messaging system of some of its clients could have been breached.

SWIFT is an global messaging network used by 10,000 banks in 212 countries to send information about financial transactions, including money transfers.

Experts believe that the blowback of the Shadow Brokers' latest release will likely leave the intelligence community reeling for quite a while.

Like this: