Another prominent security researcher, Cris Thomas, said the NSA hack was carried out "presumably as a way to monitor, if not disrupt, financial transactions to terrorist groups".
Mustafa Al-Bassam, a computer science researcher at University College London, said on Twitter that the Shadow Brokers documents show that the "NSA hacked a bunch of banks, oil and investment companies in Palestine, UAE, Kuwait, Qatar, Yemen, more".
"The EastNets Service Bureau runs on a separate secure network that can not be accessed over the public networks".
"We can confirm that no EastNets customer data has been compromised in any way".
The NSA's official seal appeared on one of the slides in the presentation, although Reuters could not independently determine the authenticity of the slides. Microsoft itself seems to imply that the NSA didn't warn the company.
Those exploits could have allowed an attacker to compromise affected computers on a range of Windows versions. "Once the NSA is aware an adversary knows of the vulnerabilities, the agency has an obligation to protect US interests through disclosure". You'd hope the government would attempt to protect the company and its hundreds of millions of users once it became aware that its own hacking files ended up in the wrong hands. Under a White House process established by former President Barack Obama's staff, companies were usually warned about unsafe flaws.
Several of the files we've seen appear to be "top secret" in classification, such as JeepfleaMarket, which appears to utilize the Jeepflea program to collect data on servers at least nine global banks. Hackers use them to insert back doors for continued access, eavesdropping or to insert other tools. Furthermore, Microsoft hasn't been upgrading the security of these systems for a while; just three days ago, it ended all support of Windows Vista.
The former NSA contractor, who has fled to Russian Federation to avoid prosecution, said the NSA knew about the breach but refused to inform software companies. They did admit, however, that it was possible that the local networking systems of some individual SWIFT users may have been breached. SWIFT transfers trillions of dollars everyday.
"There is no impact on SWIFT's infrastructure or data, however, we understand that communications between these service bureaus and their customers may previously have been accessed by unauthorised third parties". In a message sent to TechCrunch overnight, the company said it has addressed the issue for systems running Windows 7 and later.