Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Home Others Hackers infiltrate another SWIFT bank

Hackers infiltrate another SWIFT bank

Thursday, May 19, 2016
Cyber hackers infiltrated an unnamed bank on Thursday (May 12) using malware to target a PDF reader which allowed them to transfer money and tamper with bank documents, global bank transfer co-operative SWIFT said.

SWIFT is a Belgium-based society for Worldwide Interbank Financial Telecommunication. More than 11,000 global banks securely transfer billions of dollars every year through the society.

SWIFT spokeswoman, Natasha de Teran said that one of its members was attacked by cybercriminals in a similar way that led to February’s $81 million cyber heist at the Bangladesh central bank.

It was not immediately clear how much money, if any, was stolen in the second attack.

Though Teran declined to reveal the name of the bank, but a UK-based security firm, BAE Systems, said in a blog post that it believes the second victim is a commercial bank in Vietnam.

BAE isn't directly involved in the investigation, but analysed malware samples uploaded to public repositories from locations in both Bangladesh and Vietnam and found a match. BAE said details in the code from the Bangladesh and Vietnam hacks also match a third breach, the devastating 2014 attack on Sony Pictures, which US officials attributed to North Korea. BAE said the match indicates that the same hackers may be behind all three attacks

Confirmation of a second attack on a bank will likely increase scrutiny on the security of a network that is a linchpin of the global financial system.

SWIFT said in a statement that the attackers exhibited a "deep and sophisticated knowledge of specific operational controls" at targeted banks and may have been aided by "malicious insiders or cyber attacks, or a combination of both."

SWIFT said that hackers managed to steal enough information from a member bank that allowed them to transfer funds via SWIFT's network because the transaction would have looked legitimate and had the right credentials.

SWIFT has acknowledged that the scheme involved altering SWIFT software to hide evidence of frauulent transfers, but that the messaging system it controls was not compromised.

SWIFT's network is believed to be among the most secure ways in the world of transferring money, but two major breaches in the span of as many months is a concerning development for the people who run the communications network that underpins the world's financial system.

In its warning, Swift said customers using PDF reader applications to check confirmation messages should take particular care.

The attempted theft of almost $1 billion has prompted central banks around the globe to review defenses against hackers, along with calls by US government officials to beef up security.


Share it: