Who Invented Bitcoin?

Shadow Brokers release NSA hacking tools, but were the tools used in a series of bank robberies involving the SWIFT transfer system?

Shadow Brokers Leak Reveals The NSA's Deep Access Into SWIFT Banking Network

In August of 2016, a group calling itself the Shadow Brokers emerged with a treasure trove of purported NSA hacking tools. The group released only a small portion of its take and eventually tried unsuccessfully to auction the good stuff. When no one offered to pay, Shadow Brokers decided to give it away for free.
In an enterprise setting, however, disabling the Windows Firewall and allowing remote desktop connections is quite common. That's where these exploits were designed to work, and the Shadow Brokers data appears to reveal that the NSA used these tools against at least one eyebrow-raising target: a SWIFT bureau in the Middle East.
Following The Money
As part of the Bush administration's War on Terrorism the Terrorist Finance Tracking program was set up. Under TFTP, the U.S. gained the ability to monitor transactions carried out via SWIFT. Why target SWIFT specifically? There are upwards of 11,000 banks in 200 countries that use it, and they exchange around 15 million messages a day. If you need to keep an eye on large amounts of money moving internationally, SWIFT is the key.
•••
A leaked PowerPoint slide appears to confirm that the NSA had successfully set up backdoor monitoring on 9 banks running SWIFT Alliance Access (SAA) servers. At least three others at another SWIFT Bureau were targeted, but they had not been compromised at the time of creation of the PowerPoint presentation in 2013.
A Rundown of the Biggest Cybersecurity Incidents of 2016

Most expensive attacks: Leoni and Bangladesh Bank

Large multinational companies are the prime targets of Business Email Compromise (BEC), which is a type of online scam that usually begins with an attacker compromising a legitimate email account and tricking the company’s financial officer to wire funds to their accounts. Typically the companies that fall victim to these scams deal with foreign suppliers and habitually use wire transfer payments. Victims of BEC scams have increased 270% since the start of 2015, and this year saw one of the largest amounts lost by an enterprise.

Biggest attack vector in finance: SWIFT

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a global transaction messaging network used by banks and other financial entities such as foreign exchanges and investment firms. Unfortunately, this year saw attackers targeting SWIFT clients, compromising and manipulating organizations into sending fraudulent money transfer requests. It’s unclear how many of these attacks were actually successful, but in June, SWIFT sent its clients a letter warning them about the possible dangers. The organization also urged clients to update their software and tighten their cyber defenses.
Shadow Brokers Dump Alleged Windows Exploits and NSA Presentations on Targeting Banks
The post includes a link to a selection of files and folders. One sub-folder called "exploits" includes executable files with apparent codenames such as "Eternalsynergy," "Erraticgopher," and "Emeraldthread."
•••
"This is phenomenal data, it has all the hallmarks of slickly produced internal attack tools," Hacker Fantastic continued. "I am certain that analysis on this data will turn up another 0day [zero day]."
Security architect Kevin Beaumont told Motherboard in a Twitter direct message, "All of the Windows implants are new to VirusTotal [an online file scanning tool], which suggests they've not been seen before."
Targets of NSA hacking operations may also be able to determine whether they were compromised thanks to these new files. Cybersecurity company Symantec recently did something similar but with details of alleged CIA hacking tools released by Wikileaks.
Another section of the [dump](https://gist.github.com/misterch0c/08829bc65b208609d455a9f4aeaa2a6c) includes several alleged presentations marked "TOP SECRET" concerning "JEEPFLEA_MARKET." According to a previous analysis by Electrospaces.net, which searches through previously released government documents including the Snowden files for additional clues, Jeepflea is a hacking project from Tailored Access Operations (TAO), the NSA's elite hacking unit.
NSA's powerful Windows hacking tools leaked online
Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks
So here are the dots not being connected...
In 2016 Shadow Brokers placed a trove of NSA hacking tools up for sale last year. On 08.17.16 Wired reported that stolen NSA exploit tools were being held hostage for a Bitcoin payout. When no one came up with the ransom the Shadow Brokers began selling the apps individually for prices that range from 1 to 1000 Bitcoins.
This is only half the story because prior to the release of the information in August 2016 maybe as far back as several years a series of attacks and robberies through the SWIFT system occurred.
Swift Hack Probe Expands to Up to a Dozen Banks Beyond Bangladesh
That Insane, $81M Bangladesh Bank Heist? Here’s What We Know 05.17.16 - 7:00 am
Once Again, Thieves Enter Swift Financial Network and Steal
New details about a second attack involving Swift — the messaging system used by thousands of banks and companies to move money around the world — are emerging as investigators are still trying to solve the $81 million heist from the central bank of Bangladesh in February. In that theft, the attackers were able to compel the Federal Reserve Bank of New York to move money to accounts in the Philippines.
The second attack involves a commercial bank, which Swift declined to identify. But in a letter Swift plans to share with its users on Friday, the messaging network warned that the two attacks bore numerous similarities and were very likely part of a “wider and highly adaptive campaign targeting banks.”
FOURTH bank hit by SWIFT hackers
Evidence is emerging that the SWIFT (Society for Worldwide Interbank Financial Telecom) attacks began as far back as October 2015 when the Philippines bank was first hit, two months prior to the discovery of the failed attack on Tien Phong Bank in Vietnam.
There are many more articles beyond these, but what it looks like is the Shadow Brokers or some associated individuals pulled off a series of bank heists prior to releasing the applications to the open market. That also opens the question of what the NSA was doing with the applications. They could have been tracking "suspects" but it seems they could have also been moving money for any reason they chose without records being left in the banking system. The possible exploits were only exposed after a series of bank robberies exposed the power of the tools the NSA had developed.
It seems once again crimes have exposed the government's illicit powers concealed by the intelligence community (IC). It is entirely possible that the tools were used legally and only to expose private records of terrorists and spies under FISA warrants, but who knows. The only thing that exposed these exploits was the theft. Kinda makes ya wonder, huh?
The evidence and the different styles of hacking listed in the articles about the bank heists suggest that an initial group stole some NSA hacking tools and pulled off the Bangladesh heist. They may or may not have done Ecuador or the Philippines but it seems that at some point the exploits were sold on the open market, but that does not exclude some clandestine deals with other groups that also have employed the exploits. Once the initial 81 million was stolen they distributed the exploits to other groups who may have also attacked the SWIFT system and other targets to make forensics on nation state level zero day attacks that much more difficult. Several groups attempting independent attacks increased the attack vectors making identification even more difficult. It also appears that the hackers may have targeted banks that had the Trojans installed initially. So why would they go for relatively small scores when they essentially owned the SWIFT system? Could the hackers be attacking networks already infected with the Trojan?
It really makes sense when you think about the banks they hit. The NSA installs the Trojans to "observe" suspected transactions. The hackers obtain the exploits, found the Trojans phoning home and used them to own the infected systems, modified the attack vectors to transfer money. Why not skip the phishing attack when there were already infected banks? Take the path of least resistance that leads back to someone the American government would never admit lead away from the hackers.
Of course that means anyone including the IC could have manipulated transactions, but hey that wouldn't have been a robbery would it? Really the tools could have been used to track transactions, but they could have facilitated the IC's surreptitious movement of money to fund operations.
In all reality it was very clever, make a score, don't get greedy, prevent the creation of a M.O. to narrow investigations and identify the perpetrators. But identifying clever when they managed to steal exploits from the NSA and could use the exploits to attack the banking system. Just the fact that they can't be identified means they are pretty slick and the exploits are not for the novice user. There were some skills at work here.
What else was done with the exploits and who are they?
Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits Saturday, April 08, 2017
Besides dumping some NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after failed auction, the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them into a type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (from $780 to $78,000). Now, the Shadow Brokers has finally released password for the encrypted cache of NSA's files, allowing anyone to unlock and download the auction data dump.

CrDj”(;Va.*[email protected])#>deB7mN

THE SHADOW BROKERS MESS IS WHAT HAPPENS WHEN THE NSA HOARDS ZERO-DAYS AUTHOR: ANDY GREENBERG 08.17.16. - 8:34 PM
Everything you need to know about the NSA hack - but were afraid to Google
Shadow Brokers leak systems hacked by NSA – mostly mail and uni servers in India, China
New leak suggests NSA penetrated Mideast banking networks By RAPHAEL SATTER

Sunday April 16, 2017
CoincidenceTheorist
submitted by J_Dillinger to WikiLeaks

Transcript of George Webb Video Series Part 308 "Hillary's Leakers, Hackers, and Henchmen" [@Georgwebb / #HRCRatline]

  • {{ 911: NOTE: I'm going to give up on transcribing videos so carefully with back and forth with Taskforce. She's too low volume to get autotranscriptions and also too difficult to understand in some cases, and both of you talk very quickly so I can't type it up, sorry. I just can't do it. You produce too much time of video. I might just pick out unique entities and list them in these long live videos, since that's what we're after }}
  • Day 175.1 Cohen-Pinchuk Raid Just Gives Up More Clinton Oligarchs - YouTube
    • It's day 175
    • And Daily Caller gets credit for being the first alternative media site to be first out with a real reason for the raid on Trump's lawyer's office Michael Cohen's office
    • And that is to try to dig up dirt on Trump
    • This is the hundred and fifty thousand dollar donation to Trump's charity
    • And of course it ignores the millions of this Ukrainian oligarch's contributions to the Clinton Foundation, which is the same MO that we've seen over and over:
    • Accuse someone else of what you did only make sure that there is at least some shred of evidence {{ Party of Projection }}
    • And this is going to be the key from here on in
    • And thank God Bob Mueller keeps exposing Hillary's Ukrainians and Hillary's Russians
    • And Bob Mueller is actually doing a good job of not only exposing Hillary's Russians and Hillary's oligarchs and Ukrainian oligarchs, but also their hacking teams, and also [exposing] the MO of using hacking teams to steal money for these oligarchs
    • So this is the gift that keeps on giving with Mueller
    • Now, admittedly he's doing it by accident
    • But in no way do we want to stop Bob Mueller from doing what he's doing
    • Now, there's other folks that said isn't this CrowdStrike really covering their hacking teams?
    • CrowdStrike's hacking teams are called the "Bears"
    • There's different hacking teams usually in teams of 12
    • The Cozy Bears [are] maybe the Awans
    • The Fancy Bears maybe Suschin
    • And there's about six hacking teams at that Trump just threw out of the country is
    • Were they the hacking teams of these millionaires?
    • Is Trump gonna go after all the millionaires and all the millionaires hacking teams?
    • We don't really know that yet
    • But what I did was I put together a quick playlist for all these different entities
    • So that people could get up to speed on who these different entities and hacking teams are
    • Or just do a quick refresher
    • So if you don't remember Victor Pinchuk
    • And the Brooklyn Nets etc there's a quick playlist there if you don't remember CrowdStrike and their role in the DNC
    • And their role really through this the last almost well let's see 20 years either as a corporation or as a loose confederation in cabal inside the FBI, then you have that
    • And then of course Deripaska will add other ones as they come along
    • Friedman certainly will come along
    • Pinchuk will certainly come along etc as well as
    • Now, we also can kind of do threads of playlists through all the different videos we've done with the NGA and different departments
    • And Deep State actors that the that these players that this kind of McCabe Brennan cabal used to destroy people, either through surveillance or what have you
    • And I've created playlists for them
    • Of course there's an Epstein playlist
    • PDD-62 is this idea of using surveillance to crush people
    • So there I created a playlist there
    • EB-5 is the way of getting resources into the country, to man your surveillance etc
    • And then you can go all the way down here to even Uranium One etc
    • To understand how machinations of these criminal actors go
    • And finally I would say there's some ugly attacks yesterday from other YouTube channels as well as other folks that potentially are related to me
    • And all I would say there is did we expect any different?
    • Do we expect that these these conspirators, this Brennan McCabe cabal wouldn't have actors and a voice
    • And actress to act out what they've actually already said in private
    • That they've already said it in in writing to destroy the careers of FBI agents...
    • The ugly attack against Robyn Gritz yesterday was really nothing more than giving voice and action to what McCabe has already done to Robyn Gritz administratively
    • So it is ugly as it was at least we all saw it for the ugliness that it was
    • And it really was almost a complete recapitulation of Andrew McCabe's actions toward Robyn Gritz
  • Day 175.2 Atlantic Council - What Can Our Crowdstrike Bears Hack For You Today? - YouTube
    • It's day 175
    • And this is part two
    • And a lot of people say Oh George you're trying to be this white knight--rushing to every damsel in distress that needs help
    • Robyn Grit and others--all the female reporters in in Turkey
    • And Syria with Serena Shim, and Shiba Gardi and Vanessa Beeley--Eva Bartlet etc
    • well I'm going to be fair
    • And even-handed today to talk about Irina Chalupa one of the key conspirators she's a woman from the Ukraine, or the key conspirators in the Trump Russia narrative
    • Her sister--if it really is her sister--Alexander Chalupa who is a operative for the DNC
    • She's the one who keeps dropping the Chalupas in Obama's lap
    • Saying oh by the way Mr. president were full flight into and surveillance campaign
    • Do you want us to go public with it and leak it to the press, or do you want to sign off on it?
    • And so your choice is basically a John Brennan embarrasses your administration with yet another leak or you can go ahead and sign this paper here on August 29 2016 Mr. president
    • This has been Brennan and a Clapper and Hayden used these women over and over
    • Again, to do their dirty work they hide behind them
    • They're cowards of course, so they make the women be the brave ones
    • Here's Evelyn Farkas
    • Again, yet another apparatchik among us in the State Department
    • And Department of Defense that wants Trump investigated
    • She was the foremost fixer if you will in Ukraine
    • And these folks all know each other well from the Atlantic Council
    • So here she is Evelyn Farkas she may have remember herself uh outing herself on MSNBC saying hey I'm one of the key conspirators in the Russia-Trump hoax
    • So you keep going here Susan Samantha Power
    • Of course Cass Sunstein sends her in
    • The 260 different on maskings in a breathtakingly short period of time: two months
    • Evelyn Farkas was the one who said let's get as much as we can, dirt as we can, as fast as we can, let's collect it all
    • So rou literally everyone wearing wingtips in Washington got in in New York anybody, associated with Trump, or Trump's babysitter's: were all tapped
    • This is going to be the most embarrassing of that in our country's history
    • It's going to make water well in the words of calls from this is 30 water gates I think it's more
    • But FBI director Kallstrom may it hit it on the head this is 30 watergates
    • But what I like to do is drill down, and say what unites all these folks?
    • Where do they all meet?
    • They all meet in Washington DC over 15 on 15th Street not far off Pennsylvania Avenue at a place called the Atlantic Council
    • And the International Advisory Group to the Atlantic Council is where I always go when I want to get the dirt
    • Here's Viktor Pinchuk here he is making oil deals he was a member of the Ukrainian Parliament
    • But he's a always giving bribes $100,000 bribe $250,000 bribes
    • And it's rinsed through the Atlantic Council
    • Now, Rupert Murdoch's office is oh it's also on that council
    • And also on that Advisory Board
    • His office just got raided
    • Is that why they raided?
    • It is it really CrowdStrike trying to clean up the mess it's a really crowd strike trying to strike the crowd yet again?
    • Here's Ernie Moniz for us to part of energy some people call him earnest money money Tom onna ties
    • I think Eric Shinseki of VA a lot of folks go into the Democratic positions
    • Here of courses Hagel going into deep DoD Greenberg
    • I'm sure that's a person that's related to Mr. Greenberg of are good friends of microloan Fame down in Asia
    • So if you go through here it's just really
    • Here's Edelman the PR firm that kind of destroys different groups with it's sort of a Fusion GPS a domestic Fusion GPS
    • I think the pipelines was the last time they really got involved
    • But basically these groups are adept at destroying opposition political opposition, destroying people, much as Fusion GPS does all over the world
    • And of course here you've got general Clapper on this board
    • Now, you're gonna have a lot of influence George Soros
    • And all the other SEIU Beetles
    • And of course Carl Bildt
    • Here's our Carl Bildt organizing the invasion sort of a MAVNI for Europe sort of bringing in all these operatives these trained Military Intelligence operatives gangs if you will or trained trained Gladio teams into Europe
    • So there's Carl Bildt
    • Everything that you would want on one on one team to put it all together
    • This is the list of people buying pay-to-play overseas from the US State Department
    • And of course it wouldn't be complete without Madeleine Albright
    • And her shadow Secretary of State which is Hillary Clinton
  • Day 175.3. Task Force Sources McCabe Home in Chappaqua Four Months Before MSM - YouTube
    • The orientation is locked
    • So you'll have to see more of me
    • And less of Chicago good morning Chicago
    • So obviously we're downtown
    • And we had some big successes this morning
    • Task Force has a right to claim big success
    • The Thomas Paine article is out
    • (Rahm? Rahm? It looked like Rahm my hip we have the nurse's outfit on again.)
    • (I do have the Bitcoin we're gonna go down to Daley Plaza we're gonna try to get him to Bitcoin I sure hope he's there)
    • So Thomas Paine is out with a big story today about the two decades well actually a three decade relationship between Hillary Clinton and McCabe
    • But this one is--oh by the way look at my look at my t-shirt "spy ring in Congress"
    • This is made by Bernie Bridges
    • And Bernie Bridges told me this morning she's taking all proceeds of anything that she sells and donating it to someone you know and love
    • So anyway hey everybody
    • So if you haven't heard the big news today, the story of that Task Force did and we did
    • But Task Force found it
    • I did a story December 2nd 2017 about Andrew McCabe living right down the street from Hillary Clinton
    • I published photographs
    • I said I don't think Andy actually lived there much
    • I think was the spy house it was the hacking house to defraud HEY
    • Defraud or scare the living bejesus out of different people in New York
    • Threaten them with SEC action in order to take their businesses away from them
    • Or they could use soft power
    • Soft power is getting Hillary Clinton a campaign contribution
    • This is for Senate!
    • This is for Senate
    • 1998
    • The house was in Chappaqua in 1998 you can read Thomas Paine's article about that four months later now
    • Now, it has come to his fact-checking network of FBI folks
    • And X FBI folks there's a network folks
    • Like I said way back when there's a network, and it's real
    • And now, when people see this corruption for what it really is that this has been
    • And again, Thomas Paine said three decades
    • If you go back three decades I still say Andy was the one who went into the evidence cage for the going all the way back 1996
    • I want to say for the Oklahoma City bombing investigation
    • I believe the current ODNI chief is Dan Coates
    • I believe he was the running now
    • The Congressional committees on that they had reprisals against Dan Coates
    • But you're gonna find Andy was a guy who went into the evidence cage
    • I'm gotta say 1997 there was a there was an FBI whistleblower at the time
    • And I can't remember his name
    • But I printed several times when I do if you go to my PDD 62 playlist it's in there I list all the whistleblowers over
    • And over when I list the PDD 62 documentation
    • So if you want to go there you can find it I'm gonna do a lot more playlists because there are there are
    • So many gems like this which just totally blow up the narrative
    • And I'm talking about taking down the whole narrative, with just one fact
    • Hey they've known each other and been neighbors for two decades
    • Jill McCabe as well living right there
    • And Andy didn't disclose it
    • And he did not disclose right James Comey put out you got to get it now, because it is going to get taken down from from Twitter
    • The one ninety know this isn't the one ninety these aren't the one hundred ninety whistleblowers
    • This is the this is Andy McCabe buying a home in Chappaqua just down the street
    • It's got all kinds of cables running out of it
    • I said this this is hacking team hacking team hacking team
    • Was that where the Awans started? We don't know
    • Was that where Suschin and the fancy bear started?
    • We don't know, but we now know that I told four new viewers they probably don't remember me talking about when I worked at McAfee
    • Or we were taking we were a company taken over by McAfee--Network General I worked there in 1999
    • And there was a hacking team of 12
    • Russians from Moscow
    • They worked in the weapons they worked in cyber weapons in Moscow
    • Now, I've talked about this a lot
    • People have forgotten it
    • But go back I'll have to do I have a CrowdStrike playlist--you can watch kind of going back all the way
    • But I said these guys are they're making viruses! in order to sell antivirus software, at the end of every quarter!
    • It was a criminal activity
    • Bill Larson was a CEO
    • Bill I'm calling you out as a criminal!
    • I reported a channel stuffing at the end of quarter
    • I got nice I got set up real nice for that
    • That's 1999 that was the first team of 12
    • Now, I don't know if there was teams of 12 before that or teams of 12 after that well there obviously was a lot of teams of 12 after that
    • Trump just kicked six teams of 12 out
    • But getting back to the McCabe we don't know if the hacking team was there I don't think it was a nice enough house to be honest with you--you got to talk really loud though because that the bus is that I know I mean Chappaqua is a very small community
    • And I know it's in a community of like 1,400
    • And it's something like you have to look at true pundit's article this ago 1,400 kind of elite community a mile from Hillary Clinton's house her house is probably very nice I'm assuming
    • So I don't know I know he's sold or resold
    • And refinanced it also in 2013 I have those documents and
    • So there I don't know the condition of that house or its value
    • I know what he sold and resold it for
    • I don't know what that money from 1998 to 2013 what happened during that time
    • G: the timing to me makes sense to having a hacking team house like at Awan type house for the run-up to Senate
    • And of course going up against Joe John F Kennedy John F Kennedy jr. right that's why she they move to chat they John house in Chappaqua to specifically establish residency what you have to have to run for Senate
    • She was the first lady John F Kennedy jr. was running as that New York Senator
    • And they bought a house in Chappaqua to run against him
    • And prevent him from winning that seat
    • And then that's when his plane somehow fell from the sky
    • G: right right
    • And the reason why he sold it in 2011 to a Burgess to its 2013 to purchase to a Burgess removed from the database well it's that's alright it's it's still out there the story is still out there Peter purchase
    • But it mister NBC CBS or whatever
    • And he's--NOC buddies right I don't want to say any did the we had anything to do with--JFK jr. by the way I don't want to say that I just said few Task Force just talking about timing
    • But what we do know is
    • And I'm sorry about the portrait here I wanted the landscape
    • So you can see Chicago not well I guess you get to see spy ring in Congress
    • But the patterns the patterns the modus operandi is what's important here the hacking teams of 12 the safe houses
    • The thousands of wires running out
    • The removable hard drives the thumb drives
    • All this stuff was was worked out in the Senate campaign way before they ever got to Washington
    • Then they sell the house after Hillary's in the Senate twice for the run up for the presidency
    • She doesn't want to run for Senate
    • Again, she wants to be president
    • So they sell the house in 2013 to Burgess
    • And cash out--and some NOC fund, some CIA NOC fund caches Burgess out
    • And then they come to Washington
    • So it that's a big story today
    • And that's a huge story
    • And we got to do more playlists that pick up a lot more of Jenny's stuff a lot more Taskforce stuff--the problem is is I got used to introducing you by your fake name to different people and
    • Now, I got
    • Now, I've got the bug
    • Now, I got the other fake name
    • So there you go
    • So anyway there's lots of stuff
    • So we're gonna have to go through
    • And we did the Deripaska I did the Deripaska that's the derringer coming out of the pasta
    • We all these guys all these guys go back to Prokhorov
    • Pinchuk
    • Deripaska
    • The original 12 Andy Andy comrades running Kompromat all go together
    • So Prokhorov was the guy who was going to launder the money through the sports teams
    • Pinchuk was the more the oil energy kind of guy
    • They did minerals through Deripaska through ???
    • They had they had a funnel for all the drug for weapons business they had
    • And their selling of the secrets they had funnels for all the different ones all the different Russians represented different money laundering funnels
    • Do you want to add to that?
    • TF: I just want to give a shout-out to Thomas Paine
    • And True Pundit because it's amazing article people should try to find in read
    • And we will read retweeted out he's just that Thomas Paine
    • And true
    • But it is great great investigative work
    • And people really need to follow that
    • So yeah that is a good shot
    • And he did say something about the attorneys
    • I mean the Inspector General living in that neighborhood
    • And I didn't think Horowitz lived in that neighborhood
    • The Inspector General has ER Doc's so
    • Now, how does the Inspector General leave this out Comey sent out a blanket email to all the FBI saying there's no conflict of interest here in McCabes
    • And know how to Clinton's right no conflict of interest oh well I forgot to mention my kid mows their yard
    • And we're we're close enough to--borrow cups of sugar from each other, you what I'm talking about sugar--
    • And Jill McCabe's a doctor there I don't know she brings sugar to the party
    • I'm not saying she seems like a very nice woman
    • She seems like a very nice woman caught in a horrible horrible thing
    • And Hillary it's always the same thing
    • Hillary always takes it to the next level there are no limits for Hillary
    • McCain stopped at dirty weapons
    • Comey stopped at dirty weapons
    • Hillary does not stop at anything to win she does not stop at anything
    • So we're gonna go down we're gonna try to get Rahm
    • And we'll talk about the network of people she built in the United States with the help of Andy to sell to get this Bitcoin
    • We'll talk about that in a little bit--that's gonna come out
    • But for right now, we got to get Rahm his Bitcoin we'll see you a little bit
  • Day 175.4. Rahm-Com - YouTube
    • Orientation is locked again, oh well
    • well here we are sorry about the portrait orientation
    • We've got the Picasso oh there you can obviously see that they made modifications to the back part of it
    • They've spring-loaded all the wiring
    • And they've made the law advance started up here now,
    • And I'm here with Task Force the band everyone asked what the heck did he get all that Bitcoin?
    • Well if you kind of line all this stuff up
    • 1998 late 98 when the house is bought, when Andy McKay buys the Chappaqua house right right
    • And I'll try to get more of Rahm in here and less of a spy ring in Congress is when all this stuff happens
    • You have a hacking team that goes into Chappaqua to extort money which we will be coming out and talking about
    • But it's the group out in the Long Island house for the SEC
    • I was in New York for a couple of years
    • And we had I had a building I was in a building where the SEC enforcement division was just out of coincidence
    • And there so we had a hacking team of 12 up there
    • Then we had a happy team go into Congress right about the same time right
    • we had Rahm Emanuel go into Congress in 1999
    • We had Anthony Weiner going to Congress in 1999
    • And it kind of became the foundation of this let's just call it the "Bitcoin kids"
    • The Bitcoin kids
    • This is before Bitcoin
    • But I'm just saying a lot of times when you get money from illegal operations beyond the dark weapons beyond even things that have the color-of-law, you need to hide it in into things like Bitcoin
    • So I'm gonna just set the stage here for for why things happen the way they did
    • Hillary moves to the Senate in 2002
    • TF: right well after Bill and Hillary leaving the White House
    • Number one Rahm Emanuel was part of Bill Clinton's White House
    • So people need to remember that way back
    • As was Podesta--they were both inside the White House very close very close and
    • So Hillary then decides to she's going to run for Senator, simultaneously as she's leaving as first lady
    • So she needs to establish residency in order to represent, you have to establish residency
    • So they buy the house in Chappaqua we're in the same year were ending McCabe is first located in Chappaqua at a house down the road
    • JFK jr. was running in that Senate position
    • And that New York's in a position Hillary decides to buy house now, and she would have to explain the reasons why she chose there
    • But she chose there to run in that district to run against JFK jr.
    • We all know what happened I don't know I'm not getting into all that
    • But we all know what happened to JFK jr.
    • And in that election, when JFK jr. unfortunately passed away, Hillary Clinton won that Senate seat
    • And became on the Senate Armed Services right out of the White House
    • Now, do you think the Chappaqua house could have been a reminder of like Chappaquiddick, because they do sound so similar
    • Like, remember what happened your brother at Chappaquiddick?
    • John-John, right you might want to sit this one out?
    • I mean maybe there's a little bit of a--a little bit of a WINK threat there shuttle going on subtlety's?
    • Well we do know that we did a story about this December 2nd 2017
    • And there was a fire at the Chappaqua house, right?
    • About a day or two later
    • I remember at the Hillary's chef Hillary's Chappaqua house
    • We did the story of December 2nd and that which is breaking big now
    • And there was a fire right at her house right maybe a day later yeah maybe a day later
    • So you could check the records for when there was a fire at the Chappaqua house
    • Now, it just so happens I when I went to Chappaqua with a thumb drive, this is gonna start getting more relevant
    • I hope we weren't on camera that whole time?
  • Day 175.5. Chicago RiverWalk Live With Task Force - YouTube
    • {{ RAW transcript only with autoreplacements }}
    • You're not familiar with Chicago you've kind of got the bridges in a little bit higher level
    • And then just on the other side of this wall here is where Bernie Bridges works with all of our homeless quite a bit of homeless just right here on the other side Bernie Bridges is out on her bridge on the Kennedy today talking about working with the spy ring in Congress
    • So we've got that a spy ring in Congress shirt Bernie Bridges will sell you a spy ring in Congress shirt if you want to inspire a in Congress shirt Bernie Bridges is your girl
    • So here we are with Task Force I know it's gonna be a little bit windy down here by the river
    • But it's worth it if you're over here Task Force I think we're good
    • And then you can speak right into the microphone here
    • So let's just go through a couple of the well first of all congratulations on your success today today I know how it feels to be well I don't be humble I know how it feels to be in the middle of a story
    • And then when this story goes big this happen with me with a hard drives I think you're having your hard drives moment--where you go for 200 days people don't believe you don't believe you from for you as a little bit shorter is about four months
    • But then vindication came today when people did discover that Andy did have a house of Chapel right yeah I think--just doing putting all the research in there's a lot of documents
    • And stuff that you're trying to weed out
    • And figure out what's most important
    • And you stumble upon something like that
    • And you tried it I be I've tweeted it I sent it I to about a thousand different people how many people I sent it directly into people inside Washington people don't believe it could be possible
    • And then when it breaks something big it's like just it works--in the ends the research pays off
    • And the most important part is the truth that's what we're all about
    • So
    • And she's very humble about it
    • And doesn't want it wants the credit Thomas Paine really for verification because it's really those FBI agents that have retired that want the best for the FBI that really do kind of make the story because they verify it they sure that the truth is going out there
    • And it kind of as that final fact check not not from just--regular people who--who are suppressed kids who want to get to the next self-congratulatory oh by the way we're right under Trump Tower here not just those kids
    • But real real Intelligence service professionals who can say yes this is exactly what happened
    • And this is I mean they're trying to bury it already right they're trying to bury the story already things like that you know
    • Again, I just I give a shout out to Thomas paper being up there
    • But also to Robyn Gritz
    • And him
    • Again, I'm gonna mention her name she's the one that stood has stood up against the ending McCabe we have a spokesman out there I hate spokesman yeah seems like fund me
    • And support her
    • And in her battle as she she's taking on the system Thomas Paine's another guy that's been a part of that
    • And I wanted to say about Robin I mean she's not gonna be like oh I'm gonna go away she's gonna be a part of the solution--she's gonna
    • And I don't want to say too much more on that
    • So let's go to the bombing most people don't know we are have a raging bombing campaign right
    • Now, they think there's Trump sitting on his hands right well there were Navy Navy fighter jets whatever sins
    • And they bombed a bunch of what was originally called Taliban synthetic labs which is basically where you're--taking the opiates
    • And processing them in those areas
    • And then it's kind of come out more honest is this Western Afghanistan or Eastern
    • I'm not exact locations
    • But it's coming out--more
    • And more really running those labs
    • And where is that stuff coming from it it's Catholics in action right the damn Catholics
    • Again, are running these drug labs in Pakistan would create a lab wait I think it's the I think it's the cars International League right cars Internet Inc has got I did not realize they had the resources to create labs--that's quite amazing so
    • Now, do you think Trump will just keep the bombing campaign going while he's kind of keeping the world in suspense that's about what he's gonna do on the other yeah I don't I don't know I think that was--trunks one of his main things was opiate the opiate--the problem in here in this country
    • And this is a big big big part of the story that people don't understand of how the opiates where they're coming from how its being synthesized in different labs
    • And where that's occurring
    • And why he's moms might be dropping on the labs to stop the opiates from coming in
    • And killing American people
    • And that's been
    • And that's been really covered up I mean we really haven't had a lot of coverage on that to be honest you really have to dig there are some like Navy Times
    • And people I mean it's hard to send kids--up in in to war
    • And the moms are all like I don't know
    • And them grandmothers
    • And the dads
    • And the brothers
    • And everything it's hard not to be honest--this gonna show up there's a lot of satellites up there you're gonna see the bombing and
    • So anyway I'm just seeing that comments for the first time they're close enough
    • So yeah well we'll try to get the comments as we go
    • So a couple other stories what do you want to cover a couple of other stories that seem to come to mind the only other thing I would say is that we didn't we try to cover earlier we got to we didn't get a chance to win load about the soldier we were out in daily square
    • And yeah
    • And a soldier who has served his country in Afghanistan just to hear on a patriot who has followed George from the first days came up
    • And said hey scrunchie recognized George
    • And we got a chance to shake his hand or he knew you to though you knew Task Force yeah I knew
    • So yeah
    • So it was a great chance to meet him
    • And he asked him what we could do better what would be most helpful
    • And he said you need to have a Chicago whistle doe whistle blower Sunday like you do in DC because they're supporters they want to talk so
    • Now, I am just quite shocked that we have not had a ROM siren or ambulance a lot of people are calling it the Romulans we have not had a Romulans since we've been down here
    • Now, roms got to get out of the city at some point doesn't he I mean he's you think it'll be my fire truck--with that booster seat or do you think it'll be a rambling
    • So Romulus probably gonna be lots of diversions right you might have a Romulus going one way with a fire truck
    • And a booster seat going another way and--all different diversions
    • So no one can really follow that yeah rom worked pretty close to state
    • And lake
    • So if you want to try to get the Bitcoin we survive we're still are
    • Now, we
    • Now, we hear Mark Zuckerberg may be delivering a lot of Bitcoin
    • But in hand delivering a lot of Bitcoin in Congress today what is your take on you watch a little bit of the testimony what should I watch the testimony mostly yesterday that on the senate
    • And my take was first of all that when they did it's the statistics of how many of the people questioning Mark Zuckerberg had actually taken cash for more exact reverse our Facebook's company it's a little hard to question
    • And fire off appropriate questions
    • And you can look at Thomas Paine's article on that
    • And fire off tough questions about what's happening with data in the selling off of data when you're actually taking money from the company yeah I think it was like 30 or 40 Senators had taken
    • And almost all that sherry had taken money from him
    • And a like big chunk some money like half a million dollar chunks right before he goes on to the Senate testimony as like they're not even separating pay-to-play with the conjunction to just pay play pay play--it's almost like one word
    • Now, in Washington
    • But I'm kind of glad I'm out of Washington to be honest with you yeah it's actually wonderful to be out here with the people that this is these are the great people great American patriots whether they're veterans or Bernie Bridges or just--people that are trying to do what's right by our country
    • And get it back to the rule of law
    • And ethics
    • And morality at all
    • Now, now the big news is we knocked out we knocked Paul Ryan of the he's retiring I think he knows the Racine story's coming we're still gonna do the Racine story Paul because we get it's not it's bigger than you
    • But Paul Nehlen
    • Now, becomes the front-runner in that race s
    • So I think our time in Milwaukee was well spent what are your thoughts on on Paul Ryan yeah well I think it's a little it's probably shocking everyone that he's deciding to resign not shocking to me
    • So are you ready to drop your connections between Paul Ryan
    • And Andy McCabe yet or no no I think we're gonna go to Racine
    • And we're gonna do some investigating there information that we have that may be the ghost signal to start sending right ramya lenses in all directions that may be your go signal go ahead I'm sorry
    • So yeah I just think we're--we're gonna go to spend some time in Racine
    • And tell some stories that need to be cooked cold or gay at least get some information out there that people can start doing some research because racing is a big important part of what's going on in our country well just like Hull House are my objective isn't to make any judgments it's just to go to the places--film around it show the metadata
    • And then people come up with all kinds of stuff
    • Now, your whole house is gonna be moved oh oh
    • we don't know that for sure
    • So all right well we're gonna leave that
    • So what other news you want to cover there's probably a couple more Senators a couple more Congressmen then I won't be running for reelection seems like a lot of people just serve at the Blues
    • But--not wanting to run for reelection
    • And I'm gonna it's going to be very curious to find out their reasoning which I think will come out at a later date
    • And time about why they chose or whereas yeah
    • So I'm gonna take questions here for a second as our as our ACOG oh cab goes by our Chicago water taxi--I want to see a little bit about--Bobby Rush Bobby Rush was commenting with Mark Zuckerberg
    • And we've been in a couple of different Senate meetings where people will mention COINTELPRO
    • And they'll say Oh COINTELPRO
    • And then
    • And we don't run that anymore
    • And we always have a chuckle on that one that's what Hillary restarted with Andy McCabe in 1998 you're gonna find that this whole process that we've been talking about McCabe maybe not Rahm Emanuel because he comes in a little bit later
    • But the whole thing with Ptech
    • And the whole thing with Mueller was to cycle up Sibel Edmonds is reporting a lot on this I don't know why anybody else doesn't
    • But to cycle up
    • And restart COINTELPRO much much more surveillance much more surveillance from the sky that's our NGA that's why we talk
    • So much about the NGA that's why the Larry Klayman suit for me that's why we created a playlist for NGA because it's not only about the metadata of you walking of you making a phone call while you're walking up
    • And down Riverwalk
    • But it's actually geo-locating you here
    • And then being able to go back with a d-wave type computer a quantum type computer
    • And actually replay your life replay your life see where you error every minute of the day
    • Now, I believe in the criminal justice information system
    • And that's in Clarksburg Tennessee that's run by a guy named Burrell who was in the Washington field office the counter-intel office with all of his friends like Shawn Henry
    • And Adrian Hawkins
    • And of course Andy McCabe
    • And Bill Priestap here in Chicago they actually have a d-wave
    • And they can reconstruct any put person walking along here
    • And their time
    • So all murders could be solved today they just don't want to let on that they have this time capability Burrell's company is called temporal data systems
    • So that's that's what it's all about
    • So anyway I'm gonna take a few questions here as we go
    • And if you can think of any other news items what am I aware of do all caps what am I aware of somebody has said is somebody's history temporal data systems yes that's Burrell's company we have a spokesman for a McCabe that we normally see at this point along the way who's using every possible Federal agency to point out the fact that I was correct with the diplomatic cover the diplomatic containers shipping their Uranium games Uranium One as well as other games [Music] Silva's
    • So I think that maybe eat it we I normally can expound a little bit more
    • >>>CONT
submitted by 911bodysnatchers322 to TruthLeaks

Shadow Brokers release NSA hacking tools, but were the tools used in a series of bank robberies involving the SWIFT transfer system?

Shadow Brokers Leak Reveals The NSA's Deep Access Into SWIFT Banking Network

In August of 2016, a group calling itself the Shadow Brokers emerged with a treasure trove of purported NSA hacking tools. The group released only a small portion of its take and eventually tried unsuccessfully to auction the good stuff. When no one offered to pay, Shadow Brokers decided to give it away for free.
In an enterprise setting, however, disabling the Windows Firewall and allowing remote desktop connections is quite common. That's where these exploits were designed to work, and the Shadow Brokers data appears to reveal that the NSA used these tools against at least one eyebrow-raising target: a SWIFT bureau in the Middle East.
Following The Money
As part of the Bush administration's War on Terrorism the Terrorist Finance Tracking program was set up. Under TFTP, the U.S. gained the ability to monitor transactions carried out via SWIFT. Why target SWIFT specifically? There are upwards of 11,000 banks in 200 countries that use it, and they exchange around 15 million messages a day. If you need to keep an eye on large amounts of money moving internationally, SWIFT is the key.
•••
A leaked PowerPoint slide appears to confirm that the NSA had successfully set up backdoor monitoring on 9 banks running SWIFT Alliance Access (SAA) servers. At least three others at another SWIFT Bureau were targeted, but they had not been compromised at the time of creation of the PowerPoint presentation in 2013.
A Rundown of the Biggest Cybersecurity Incidents of 2016

Most expensive attacks: Leoni and Bangladesh Bank

Large multinational companies are the prime targets of Business Email Compromise (BEC), which is a type of online scam that usually begins with an attacker compromising a legitimate email account and tricking the company’s financial officer to wire funds to their accounts. Typically the companies that fall victim to these scams deal with foreign suppliers and habitually use wire transfer payments. Victims of BEC scams have increased 270% since the start of 2015, and this year saw one of the largest amounts lost by an enterprise.

Biggest attack vector in finance: SWIFT

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a global transaction messaging network used by banks and other financial entities such as foreign exchanges and investment firms. Unfortunately, this year saw attackers targeting SWIFT clients, compromising and manipulating organizations into sending fraudulent money transfer requests. It’s unclear how many of these attacks were actually successful, but in June, SWIFT sent its clients a letter warning them about the possible dangers. The organization also urged clients to update their software and tighten their cyber defenses.
Shadow Brokers Dump Alleged Windows Exploits and NSA Presentations on Targeting Banks
The post includes a link to a selection of files and folders. One sub-folder called "exploits" includes executable files with apparent codenames such as "Eternalsynergy," "Erraticgopher," and "Emeraldthread."
•••
"This is phenomenal data, it has all the hallmarks of slickly produced internal attack tools," Hacker Fantastic continued. "I am certain that analysis on this data will turn up another 0day [zero day]."
Security architect Kevin Beaumont told Motherboard in a Twitter direct message, "All of the Windows implants are new to VirusTotal [an online file scanning tool], which suggests they've not been seen before."
Targets of NSA hacking operations may also be able to determine whether they were compromised thanks to these new files. Cybersecurity company Symantec recently did something similar but with details of alleged CIA hacking tools released by Wikileaks.
Another section of the [dump](https://gist.github.com/misterch0c/08829bc65b208609d455a9f4aeaa2a6c) includes several alleged presentations marked "TOP SECRET" concerning "JEEPFLEA_MARKET." According to a previous analysis by Electrospaces.net, which searches through previously released government documents including the Snowden files for additional clues, Jeepflea is a hacking project from Tailored Access Operations (TAO), the NSA's elite hacking unit.
NSA's powerful Windows hacking tools leaked online
Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks
So here are the dots not being connected...
In 2016 Shadow Brokers placed a trove of NSA hacking tools up for sale last year. On 08.17.16 Wired reported that stolen NSA exploit tools were being held hostage for a Bitcoin payout. When no one came up with the ransom, the Shadow Brokers began selling the apps individually for prices that range from 1 to 1000 Bitcoins.
This is only half the story, because prior to the release of the information in August 2016, maybe as far back as several years, a series of attacks and robberies through the SWIFT system occurred.
Swift Hack Probe Expands to Up to a Dozen Banks Beyond Bangladesh
That Insane, $81M Bangladesh Bank Heist? Here’s What We Know 05.17.16 - 7:00 am
Once Again, Thieves Enter Swift Financial Network and Steal
New details about a second attack involving Swift — the messaging system used by thousands of banks and companies to move money around the world — are emerging as investigators are still trying to solve the $81 million heist from the central bank of Bangladesh in February. In that theft, the attackers were able to compel the Federal Reserve Bank of New York to move money to accounts in the Philippines.
The second attack involves a commercial bank, which Swift declined to identify. But in a letter Swift plans to share with its users on Friday, the messaging network warned that the two attacks bore numerous similarities and were very likely part of a “wider and highly adaptive campaign targeting banks.”
FOURTH bank hit by SWIFT hackers
Evidence is emerging that the SWIFT (Society for Worldwide Interbank Financial Telecom) attacks began as far back as October 2015 when the Philippines bank was first hit, two months prior to the discovery of the failed attack on Tien Phong Bank in Vietnam.
There are many more articles beyond these, but what it looks like is the Shadow Brokers or some associated individuals pulled off a series of bank heists prior to releasing the applications to the open market. That also opens the question of what the NSA was doing with the applications. They could have been tracking "suspects" but it seems they could have also been moving money for any reason they chose without records being left in the banking system. The possible exploits were only exposed after a series of bank robberies exposed the power of the tools the NSA had developed.
It seems once again crimes have exposed the government's illicit powers concealed by the intelligence community (IC). It is entirely possible that the tools were used legally and only to expose private records of terrorists and spies under FISA warrants, but who knows. The only thing that exposed these exploits was the theft. Kinda makes ya wonder, huh?
The evidence and the different styles of hacking listed in the articles about the bank heists suggest that an initial group stole some NSA hacking tools and pulled off the Bangladesh heist. They may or may not have done Ecuador or the Philippines, but it seems that at some point the exploits were sold on the open market, but that does not exclude some clandestine deals with other groups that also have employed the exploits. Once the initial 81 million was stolen they distributed the exploits to other groups who may have also attacked the SWIFT system and other targets to make forensics on nation state level zero day attacks that much more difficult. Several groups attempting independent attacks increased the attack vectors, making identification even more difficult. It also appears that the hackers may have targeted banks that had the Trojans installed initially. So why would they go for relatively small scores when they essentially owned the SWIFT system? Could the hackers be attacking networks already infected with the Trojan?
It really makes sense when you think about the banks they hit. The NSA installs the Trojans to "observe" suspected transactions. The hackers obtained the exploits, found the Trojans phoning home, used them to own the infected systems, and modified the attack vectors to transfer money. Why not skip the phishing attack when there were already infected banks? Take the path of least resistance that leads back to someone the American government would never admit lead away from the hackers.
Of course that means anyone, including the IC, could have manipulated transactions, but hey, that wouldn't have been a robbery, would it? Really the tools could have been used to track transactions, but they could have facilitated the IC's surreptitious movement of money to fund operations.
In all reality it was very clever, make a score, don't get greedy, prevent the creation of a M.O. to narrow investigations and identify the perpetrators. But identifying clever when they managed to steal exploits from the NSA and could use the exploits to attack the banking system. Just the fact that they can't be identified means they are pretty slick and the exploits are not for the novice user. There were some skills at work here.
What else was done with the exploits and who are they?
Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits Saturday, April 08, 2017
Besides dumping some NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after failed auction, the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them into a type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (from $780 to $78,000). Now, the Shadow Brokers has finally released password for the encrypted cache of NSA's files, allowing anyone to unlock and download the auction data dump.

THE SHADOW BROKERS MESS IS WHAT HAPPENS WHEN THE NSA HOARDS ZERO-DAYS AUTHOR: ANDY GREENBERG 08.17.16. - 8:34 PM
Everything you need to know about the NSA hack - but were afraid to Google
Shadow Brokers leak systems hacked by NSA – mostly mail and uni servers in India, China
New leak suggests NSA penetrated Mideast banking networks By RAPHAEL SATTER

Sunday April 16, 2017
CoincidenceTheorist
-23-
submitted by J_Dillinger to The_Redacted

Shadow Brokers release NSA hacking tools, but were the tools used in a series of bank robberies involving the SWIFT transfer system?

Shadow Brokers Leak Reveals The NSA's Deep Access Into SWIFT Banking Network

In August of 2016, a group calling itself the Shadow Brokers emerged with a treasure trove of purported NSA hacking tools. The group released only a small portion of its take and eventually tried unsuccessfully to auction the good stuff. When no one offered to pay, Shadow Brokers decided to give it away for free.
In an enterprise setting, however, disabling the Windows Firewall and allowing remote desktop connections is quite common. That's where these exploits were designed to work, and the Shadow Brokers data appears to reveal that the NSA used these tools against at least one eyebrow-raising target: a SWIFT bureau in the Middle East.
Following The Money
As part of the Bush administration's War on Terrorism the Terrorist Finance Tracking program was set up. Under TFTP, the U.S. gained the ability to monitor transactions carried out via SWIFT. Why target SWIFT specifically? There are upwards of 11,000 banks in 200 countries that use it, and they exchange around 15 million messages a day. If you need to keep an eye on large amounts of money moving internationally, SWIFT is the key.
•••
A leaked PowerPoint slide appears to confirm that the NSA had successfully set up backdoor monitoring on 9 banks running SWIFT Alliance Access (SAA) servers. At least three others at another SWIFT Bureau were targeted, but they had not been compromised at the time of creation of the PowerPoint presentation in 2013.
A Rundown of the Biggest Cybersecurity Incidents of 2016

Most expensive attacks: Leoni and Bangladesh Bank

Large multinational companies are the prime targets of Business Email Compromise (BEC), which is a type of online scam that usually begins with an attacker compromising a legitimate email account and tricking the company’s financial officer to wire funds to their accounts. Typically the companies that fall victim to these scams deal with foreign suppliers and habitually use wire transfer payments. Victims of BEC scams have increased 270% since the start of 2015, and this year saw one of the largest amounts lost by an enterprise. Read more

Biggest attack vector in finance: SWIFT

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a global transaction messaging network used by banks and other financial entities such as foreign exchanges and investment firms. Unfortunately, this year saw attackers targeting SWIFT clients, compromising and manipulating organizations into sending fraudulent money transfer requests. It’s unclear how many of these attacks were actually successful, but in June, SWIFT sent its clients a letter warning them about the possible dangers. The organization also urged clients to update their software and tighten their cyber defenses.
Shadow Brokers Dump Alleged Windows Exploits and NSA Presentations on Targeting Banks
The post includes a link to a selection of files and folders. One sub-folder called "exploits" includes executable files with apparent codenames such as "Eternalsynergy," "Erraticgopher," and "Emeraldthread."
•••
"This is phenomenal data, it has all the hallmarks of slickly produced internal attack tools," Hacker Fantastic continued. "I am certain that analysis on this data will turn up another 0day [zero day]."
Security architect Kevin Beaumont told Motherboard in a Twitter direct message, "All of the Windows implants are new to VirusTotal [an online file scanning tool], which suggests they've not been seen before."
Targets of NSA hacking operations may also be able to determine whether they were compromised thanks to these new files. Cybersecurity company Symantec recently did something similar but with details of alleged CIA hacking tools released by Wikileaks.
Another section of the [dump]( (https://gist.github.com/misterch0c/08829bc65b208609d455a9f4aeaa2a6c) includes several alleged presentations marked "TOP SECRET" concerning "[JEEPFLEA_MARKET](
)." According to a previous analysis by Electrospaces.net, which searches through previously released government documents including the Snowden files for additional clues, Jeepflea is a hacking project from Tailored Access Operations (TAO), the NSA's elite hacking unit.
NSA's powerful Windows hacking tools leaked online
Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks
So here are the dots not being connected...
In 2016 Shadow Brokers placed a trove of NSA hacking tools up for sale last year. On 08.17.16 Wired reported that stolen NSA exploit tools were being held hostage for a Bitcoin payout. When no one came up with the ransom, the Shadow Brokers began selling the apps individually for prices that range from 1 to 1000 Bitcoins.
This is only half the story, because prior to the release of the information in August 2016, maybe as far back as several years, a series of attacks and robberies through the SWIFT system occurred.
Swift Hack Probe Expands to Up to a Dozen Banks Beyond Bangladesh
That Insane, $81M Bangladesh Bank Heist? Here’s What We Know 05.17.16 - 7:00 am
Once Again, Thieves Enter Swift Financial Network and Steal
New details about a second attack involving Swift — the messaging system used by thousands of banks and companies to move money around the world — are emerging as investigators are still trying to solve the $81 million heist from the central bank of Bangladesh in February. In that theft, the attackers were able to compel the Federal Reserve Bank of New York to move money to accounts in the Philippines.
The second attack involves a commercial bank, which Swift declined to identify. But in a letter Swift plans to share with its users on Friday, the messaging network warned that the two attacks bore numerous similarities and were very likely part of a “wider and highly adaptive campaign targeting banks.”
FOURTH bank hit by SWIFT hackers
Evidence is emerging that the SWIFT (Society for Worldwide Interbank Financial Telecom) attacks began as far back as October 2015 when the Philippines bank was first hit, two months prior to the discovery of the failed attack on Tien Phong Bank in Vietnam.
There are many more articles beyond these, but what it looks like is the Shadow Brokers or some associated individuals pulled off a series of bank heists prior to releasing the applications to the open market. That also opens the question of what the NSA was doing with the applications. They could have been tracking "suspects," but it seems they could have also been moving money for any reason they chose without records being left in the banking system. The possible exploits were only exposed after a series of bank robberies exposed the power of the tools the NSA had developed.
It seems once again crimes have exposed the government's illicit powers concealed by the intelligence community (IC). It is entirely possible that the tools were used legally and only to expose private records of terrorists and spies under FISA warrants, but who knows. The only thing that exposed these exploits was the theft. Kinda makes ya wonder, huh?
The evidence and the different styles of hacking listed in the articles about the bank heists suggest that an initial group stole some NSA hacking tools and pulled off the Bangladesh heist. They may or may not have done Ecuador or the Philippines, but it seems that at some point the exploits were sold on the open market, but that does not exclude some clandestine deals with other groups that also have employed the exploits. Once the initial 81 million was stolen they distributed the exploits to other groups who may have also attacked the SWIFT system and other targets to make forensics on nation-state-level zero-day attacks that much more difficult. Several groups attempting independent attacks increased the attack vectors, making identification even more difficult. It also appears that the hackers may have targeted banks that had the Trojans installed initially. So why would they go for relatively small scores when they essentially owned the SWIFT system? Could the hackers be attacking networks already infected with the Trojan?
It really makes sense when you think about the banks they hit. The NSA installs the Trojans to "observe" suspected transactions. The hackers obtained the exploits, found the Trojans phoning home and used them to own the infected systems, and modified the attack vectors to transfer money. Why not skip the phishing attack when there were already infected banks? Take the path of least resistance that leads back to someone the American government would never admit lead away from the hackers.
Of course that means anyone including the IC could have manipulated transactions, but hey, that wouldn't have been a robbery, would it? Really the tools could have been used to track transactions, but they could have facilitated the IC's surreptitious movement of money to fund operations.
In all reality it was very clever: make a score, don't get greedy, prevent the creation of an M.O. to narrow investigations and identify the perpetrators. But identifying clever when they managed to steal exploits from the NSA and could use the exploits to attack the banking system. Just the fact that they can't be identified means they are pretty slick and the exploits are not for the novice user. There were some skills at work here.
What else was done with the exploits and who are they?
Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits Saturday, April 08, 2017
Besides dumping some of the NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more of the NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after the failed auction, the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them into a type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (from $780 to $78,000). Now, the Shadow Brokers has finally released the password for the encrypted cache of the NSA's files, allowing anyone to unlock and download the auction data dump.

THE SHADOW BROKERS MESS IS WHAT HAPPENS WHEN THE NSA HOARDS ZERO-DAYS AUTHOR: ANDY GREENBERG 08.17.16. - 8:34 PM
Everything you need to know about the NSA hack - but were afraid to Google
Shadow Brokers leak systems hacked by NSA – mostly mail and uni servers in India, China
New leak suggests NSA penetrated Mideast banking networks By RAPHAEL SATTER

Sunday April 16, 2017
CoincidenceTheorist
-23-
submitted by J_Dillinger to TruthLeaks

submitted by J_Dillinger to CoincidenceTheorist

submitted by J_Dillinger to conspiracy

Shadow Brokers release NSA hacking tools, but were the tools used in a series of bank robberies involving the SWIFT transfer system?

Shadow Brokers Leak Reveals The NSA's Deep Access Into SWIFT Banking Network

In August of 2016, a group calling itself the Shadow Brokers emerged with a treasure trove of purported NSA hacking tools. The group released only a small portion of its take and eventually tried unsuccessfully to auction the good stuff. When no one offered to pay, Shadow Brokers decided to give it away for free.
In an enterprise setting, however, disabling the Windows Firewall and allowing remote desktop connections is quite common. That's where these exploits were designed to work, and the Shadow Brokers data appears to reveal that the NSA used these tools against at least one eyebrow-raising target: a SWIFT bureau in the Middle East.
Following The Money
As part of the Bush administration's War on Terrorism the Terrorist Finance Tracking program was set up. Under TFTP, the U.S. gained the ability to monitor transactions carried out via SWIFT. Why target SWIFT specifically? There are upwards of 11,000 banks in 200 countries that use it, and they exchange around 15 million messages a day. If you need to keep an eye on large amounts of money moving internationally, SWIFT is the key.
•••
A leaked PowerPoint slide appears to confirm that the NSA had successfully set up backdoor monitoring on 9 banks running SWIFT Alliance Access (SAA) servers. At least three others at another SWIFT Bureau were targeted, but they had not been compromised at the time of creation of the PowerPoint presentation in 2013.
A Rundown of the Biggest Cybersecurity Incidents of 2016

Most expensive attacks: Leoni and Bangladesh Bank

Large multinational companies are the prime targets of Business Email Compromise (BEC), which is a type of online scam that usually begins with an attacker compromising a legitimate email account and tricking the company’s financial officer to wire funds to their accounts. Typically the companies that fall victim to these scams deal with foreign suppliers and habitually use wire transfer payments. Victims of BEC scams have increased 270% since the start of 2015, and this year saw one of the largest amounts lost by an enterprise. Read more

Biggest attack vector in finance: SWIFT

The Society for Worldwide Interbank Financial Telecommunication (SWIFT) is a global transaction messaging network used by banks and other financial entities such as foreign exchanges and investment firms. Unfortunately, this year saw attackers targeting SWIFT clients, compromising and manipulating organizations into sending fraudulent money transfer requests. It’s unclear how many of these attacks were actually successful, but in June, SWIFT sent its clients a letter warning them about the possible dangers. The organization also urged clients to update their software and tighten their cyber defenses.
Shadow Brokers Dump Alleged Windows Exploits and NSA Presentations on Targeting Banks
The post includes a link to a selection of files and folders. One sub-folder called "exploits" includes executable files with apparent codenames such as "Eternalsynergy," "Erraticgopher," and "Emeraldthread."
•••
"This is phenomenal data, it has all the hallmarks of slickly produced internal attack tools," Hacker Fantastic continued. "I am certain that analysis on this data will turn up another 0day [zero day]."
Security architect Kevin Beaumont told Motherboard in a Twitter direct message, "All of the Windows implants are new to VirusTotal [an online file scanning tool], which suggests they've not been seen before."
Targets of NSA hacking operations may also be able to determine whether they were compromised thanks to these new files. Cybersecurity company Symantec recently did something similar but with details of alleged CIA hacking tools released by Wikileaks.
Another section of the [dump]( (https://gist.github.com/misterch0c/08829bc65b208609d455a9f4aeaa2a6c) includes several alleged presentations marked "TOP SECRET" concerning "[JEEPFLEA_MARKET](
)." According to a previous analysis by Electrospaces.net, which searches through previously released government documents including the Snowden files for additional clues, Jeepflea is a hacking project from Tailored Access Operations (TAO), the NSA's elite hacking unit.
NSA's powerful Windows hacking tools leaked online
Shadow Brokers leak NSA documents that may reveal operation aimed at Middle Eastern banks
So here are the dots not being connected...
In 2016 Shadow Brokers placed a trove of NSA hacking tools up for sale last year. On 08.17.16 Wired reported that stolen NSA exploit tools were being held hostage for a Bitcoin payout. When no one came up with the ransom, the Shadow Brokers began selling the apps individually for prices that range from 1 to 1000 Bitcoins.
This is only half the story because prior to the release of the information in August 2016, maybe as far back as several years, a series of attacks and robberies through the SWIFT system occurred.
Swift Hack Probe Expands to Up to a Dozen Banks Beyond Bangladesh
That Insane, $81M Bangladesh Bank Heist? Here’s What We Know 05.17.16 - 7:00 am
Once Again, Thieves Enter Swift Financial Network and Steal
New details about a second attack involving Swift — the messaging system used by thousands of banks and companies to move money around the world — are emerging as investigators are still trying to solve the $81 million heist from the central bank of Bangladesh in February. In that theft, the attackers were able to compel the Federal Reserve Bank of New York to move money to accounts in the Philippines.
The second attack involves a commercial bank, which Swift declined to identify. But in a letter Swift plans to share with its users on Friday, the messaging network warned that the two attacks bore numerous similarities and were very likely part of a “wider and highly adaptive campaign targeting banks.”
FOURTH bank hit by SWIFT hackers
Evidence is emerging that the SWIFT (Society for Worldwide Interbank Financial Telecom) attacks began as far back as October 2015 when the Philippines bank was first hit, two months prior to the discovery of the failed attack on Tien Phong Bank in Vietnam.
There are many more articles beyond these, but what it looks like is the Shadow Brokers or some associated individuals pulled off a series of bank heists prior to releasing the applications to the open market. That also opens the question of what the NSA was doing with the applications. They could have been tracking "suspects" but it seems they could have also been moving money for any reason they chose without records being left in the banking system. The possible exploits were only exposed after a series of bank robberies exposed the power of the tools the NSA had developed.
It seems once again crimes have exposed the government's illicit powers concealed by the intelligence community (IC). It is entirely possible that the tools were used legally and only to expose private records of terrorists and spies under FISA warrants, but who knows. The only thing that exposed these exploits was the theft. Kinda makes ya wonder, huh?
The evidence and the different styles of hacking listed in the articles about the bank heists suggest that an initial group stole some NSA hacking tools and pulled off the Bangladesh heist. They may or may not have done Ecuador or the Philippines but it seems that at some point the exploits were sold on the open market, but that does not exclude some clandestine deals with other groups that also have employed the exploits. Once the initial 81 million was stolen they distributed the exploits to other groups who may have also attacked the SWIFT system and other targets to make forensics on nation state level zero day attacks that much more difficult. Several groups attempting independent attacks increased the attack vectors making identification even more difficult. It also appears that the hackers may have targeted banks that had the Trojans installed initially. So why would they go for relatively small scores when they essentially owned the SWIFT system? Could the hackers be attacking networks already infected with the Trojan?
It really makes sense when you think about the banks they hit. The NSA installs the Trojans to "observe" suspected transactions. The hackers obtained the exploits, found the Trojans phoning home and used them to own the infected systems, modified the attack vectors to transfer money. Why not skip the phishing attack when there were already infected banks? Take the path of least resistance that leads back to someone the American government would never admit lead away from the hackers.
Of course that means anyone including the IC could have manipulated transactions, but hey, that wouldn't have been a robbery, would it? Really the tools could have been used to track transactions, but they could have facilitated the IC's surreptitious movement of money to fund operations.
In all reality it was very clever, make a score, don't get greedy, prevent the creation of a M.O. to narrow investigations and identify the perpetrators. But identifying clever when they managed to steal exploits from the NSA and could use the exploits to attack the banking system. Just the fact that they can't be identified means they are pretty slick and the exploits are not for the novice user. There were some skills at work here.
What else was done with the exploits and who are they?
Shadow Brokers Group Releases More Stolen NSA Hacking Tools & Exploits Saturday, April 08, 2017
Besides dumping some of the NSA's hacking tools back in August 2016, the Shadow Brokers also released an encrypted cache of files containing more of the NSA's hacking tools and exploits in an auction, asking for 1 Million Bitcoins (around $568 Million). However, after the failed auction, the group put up those hacking tools and exploits for direct sale on an underground website, categorizing them by type — like "exploits," "Trojans," and "implant" — each of which ranged from 1 to 100 Bitcoins (from $780 to $78,000). Now, the Shadow Brokers has finally released the password for the encrypted cache of the NSA's files, allowing anyone to unlock and download the auction data dump.

CrDj”(;Va.*[email protected])#>deB7mN

THE SHADOW BROKERS MESS IS WHAT HAPPENS WHEN THE NSA HOARDS ZERO-DAYS AUTHOR: ANDY GREENBERG 08.17.16. - 8:34 PM
Everything you need to know about the NSA hack - but were afraid to Google
Shadow Brokers leak systems hacked by NSA – mostly mail and uni servers in India, China
New leak suggests NSA penetrated Mideast banking networks By RAPHAEL SATTER

Sunday April 16, 2017
submitted by J_Dillinger to CoincidenceTheorist
