Cyberhackers used malware to target a PDF reader at an unnamed bank, allowing them to transfer money and tamper with bank documents, global bank transfer co-operative SWIFT says.
The Belgium-based Society for Worldwide Interbank Financial Telecommunication — a co-operative of more than 11,000 global banks that allows them to securely transfer billions of dollars worth of transactions between themselves every year — said one of its members was compromised by cybercriminals in a manner similar to the recent theft of more than $100 million from Bangladesh's central bank.
- Iranian hackers charged in attack on U.S. banks
- How a hacker's typo stopped a billion-dollar bank heist
SWIFT said Friday that attackers had malware to target a PDF reader at a bank, which it did not name, allowing them to transfer money and tamper with bank documents.
SWIFT declined to confirm whether any funds had been taken out, but urged its clients to review their security systems.
The group described the hack as "not a single occurrence, but part of a wider and highly adaptive campaign targeting banks."
Essentially, SWIFT says that hackers managed to steal enough information from a member bank that allowed them to transfer funds via SWIFT's network because the transaction would have looked legitimate and had the right credentials.
Swift said "the attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks."
It said that know-how "may have been gained from malicious insiders or cyberattacks, or a combination of both."
- Hacker ring stole $1B from banks in 30 countries
- Starbucks app used to hack into bank accounts, credit cards
SWIFT's network is believed to be among the most secure ways in the world of transferring money, but two major breaches in the span of as many months is a concerning development for the people who run the communications network that underpins the world's financial system.
Weapons maker BAE Systems also has a large cybersecurity business and it said Friday it had uncovered evidence linking malicious software used in the Bangladesh heist to the high-profile attack on Sony's Hollywood studio in 2014 and other cases.
"What initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign," BAE's cyber-security team said in a report it released on Friday.
BAE also said it uncovered malware that was recently used to target a Vietnamese commercial bank using fraudulent messages on the SWIFT money-transfer network. The malware operated "in a similar fashion" to the Bangladesh Bank hack, BAE said.
Bangladeshi investigators say that at least 20 foreigners were involved. They said the suspects were identified after investigators visited Sri Lanka and the Philippines, where the stolen money was transferred. Sri Lanka intercepted $20 million transferred there and returned it to Bangladesh.