This story is over 5 years old.


Alleged NSA Victim Denies Hackers Ever Broke In

The Shadow Brokers released several alleged NSA files, which explicitly called out EastNet as a target.
Image: LDprod/Shutterstock

On Friday, a group of hackers calling itself The Shadow Brokers released a large cache of Windows exploits, and a smaller selection of alleged NSA presentations and files. Included in those files was apparent evidence that the NSA had compromised systems used by various banks and financial firms.

One slide pointed specifically to EastNets, an anti-money laundering and fraud prevention organization. But EastNets' CEO has vehemently denied NSA hackers ever broke in.


"The reports of an alleged hacker-compromised EastNets Service Bureau (ENSB) network is totally false and unfounded," EastNets' CEO Hazem Mulhim told Motherboard in an email. "The EastNets Network internal Security Unit has ran a complete check of its servers and found no hacker compromise or any vulnerabilities."

Read more: A Brief Interview with The Shadow Brokers, The Hackers Selling NSA Exploits

EastNets has over 1,000 customers worldwide, including 22 of the top 50 banks, according to its website.

EastNet is described explicitly as a "target" in an alleged NSA presentation on JEEPFLEA_MARKET. According to previously released documents from the Snowden archive, JEEPFLEA is a Tailored Access Operations (TAO) hacking project; TAO being the elite hacking unit of the NSA.

"Regained access to the employee network," the slide reads.

The latest Shadow Brokers release also includes several alleged network maps related to EastNets. One, dated December 2010, supposedly lays out the firm's employee network in the United Arab Emirates and Belgium. Another includes alleged connections between various ENSB data centres, offices, and IP addresses.

"The EastNets Service Bureau runs on a separate secure network that cannot be accessed over the public networks. The photos shown on Twitter, claiming compromised information, is about pages that are outdated and obsolete, generated on a low-level internal server that is retired since 2013," Mulhim continued.

Mulhim also said that there was "no credibility" to the claim that EastNets customer information had been compromised. (Researchers digging through the dump haven't necessarily said that specifically customer information was obtained).

"While we cannot ascertain the information that has been published, we can confirm that no EastNets customer data has been compromised in any way, EastNets continues to guarantee the complete safety and security of its customers data with the highest levels of protection from its SWIFT certified Service bureau," Mulhim added.

Motherboard is nominated for three Webby awards, Best Science YouTube Channel, Best Drama, Best Tech/Science Podcast. Please vote for us!