Data dump indicates NSA hacks in Mideast
PARIS — A new set of documents purportedly lifted from the U.S. National Security Agency suggests that American spies have burrowed deep into the Middle East’s financial network, apparently compromising the Dubai office of the anti-money laundering and financial services firm EastNets. The company said Friday that the documents were dated and denied that any customer data had been affected.
TheShadowBrokers, which startled security experts last year by releasing some of the NSA’s hacking tools, has recently resumed pouring secrets into the public domain. In a first for TheShadowBrokers, the data include PowerPoint slides and purported target lists, suggesting the group has access to a broader range of information than previously known.
“This is by far the most brutal dump,” said Comae Technologies founder Matt Suiche, who has closely followed the group’s disclosures. In a blog post, he said it appeared that thousands of employee accounts and machines from EastNets’ offices had been compromised and that financial institutions in Kuwait, Bahrain and the Palestinian territories had been targeted for espionage.
In a statement , EastNets said there was “no credibility” to the allegation that its customers’ details had been stolen.
The denial drew skepticism from those who’d reviewed the files.
“Eastnets’ claim is impossible to believe,” said Kevin Beaumont, who was one of several experts who spent Friday combing through the documents and trying out the code. He said he’d found password dumps, an Excel spreadsheet outlining the internal architecture of the company’s server and one file that was “just a massive log of hacking on their organization.”