PARIS — A new set of documents purportedly lifted from the U.S. National Security Agency suggests that American spies have burrowed deep into the Middle East’s financial network, apparently compromising the Dubai office of the anti-money laundering and financial services firm EastNets.
TheShadowBrokers, which startled the security experts last year by releasing some of the NSA’s hacking tools, has resumed pouring secrets into the public domain, this time by publishing purported details of the NSA’s operations against banks across the Arab world. In a first for TheShadowBrokers, the data includes PowerPoint slides and purported target lists, suggesting that the group has access to a broader range of data than previously known.
“This is by far the most brutal dump,” said Comae Technologies founder Matt Suiche, who has closely followed the group’s disclosures and initially helped confirm its connection to the NSA last year. In a blog post , he said it appeared that thousands of employee accounts and machines from the EastNets’ offices had been compromised and that financial institutions in Kuwait, Bahrain and the Palestinian territories had been targeted for espionage.
Calls and messages left with EastNets’ offices in Dubai, London and New York were either not picked up or not immediately returned.
The authenticity of Friday’s document dump could not immediately be determined but the group’s previous releases have been corroborated by material leaked by former U.S. intelligence contractor Edward Snowden and software patches issued by major U.S. technology firms .
The NSA did not immediately return emails seeking comment.
Because EastNets provides a host of Arab banks connectivity to the banking system’s electronic backbone, known as SWIFT, compromising the company would give the NSA the ability to silently track financial transactions across the Middle East, Suiche said in a phone call.
He said other documents in the release suggested an even wider effort to monitor the world’s transactions.
“I’ll bet it’s not the only SWIFT service bureau that’s been compromised,” he said.