Swift warns hack on bank after Bangladesh heist

The silhouette of a man is seen typing on a laptop computer an arranged photograph taken in Tiskilwa, Illinois, U.S., on Thursday, Jan. 8, 2015. U.S. officials are discussing whether new standards should be set for government action in response to hacks like the one suffered by Sony Pictures Entertainment, such as if a certain level of monetary damage is caused or if values such as free speech are trampled, National Security Agency Director Michael Rogers said in an interview with Bloomberg News. Photographer: Daniel Acker/Bloomberg

 

Bloomberg

Swift, the inter-bank messaging system embroiled in one of the largest cyber heists in history, warned customers that hackers have struck again, attacking a commercial bank client that it didn’t name.
The details of a second hack follow a cyber-theft in February, when more than $80 million was stolen from Bangladesh’s account at the Federal Reserve Bank of New York. Swift last month warned users last month that it was aware of several similar attacks.
This time, the hackers used malware to target a PDF reader used by the customer to check its statement messages, Swift said. A Swift spokesman declined to reveal the name of the bank, but a UK-based security firm, BAE Systems Plc, said in a blog post that it believes the second victim is a commercial bank in Vietnam. BAE isn’t directly involved in the investigation, but analysed malware samples uploaded to public repositories from locations in both Bangladesh and Vietnam and found a match.
BAE said details in the code from the Bangladesh and Vietnam hacks also match a third breach, the devastating 2014 attack on Sony Pictures, which US officials attributed to North Korea. BAE said the match indicates that the same hackers may be behind all three attacks: “This adds a significant lead to the investigation,” BAE said in its post. An earlier report by the company probing the hack for the bank came to a different conclusion, according to a person briefed on the investigation.
“Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks,” Swift said in a statement.
“The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks — knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both.”
In its warning, Swift said customers using PDF reader applications to check confirmation messages should take particular care. Hundreds of billions of dollars are moved internationally through the Swift system every day.
Investigators examining the theft from Bangladesh’s central bank have uncovered evidence of three hacking groups, including a group linked to North Korea, inside the bank’s network but say it was an unidentified group that pulled off the heist, people familiar with the bank said.
earlier this week. The attempted theft of almost $1 billion has prompted central banks around the globe to review defenses against hackers, along with calls by US government officials to beef up security.

Leave a Reply

Send this to a friend