SWIFT says hackers successfully infiltrated a commercial bank

Cyberhackers used malware to target a PDF reader at an unnamed bank, allowing them to transfer money and tamper with bank documents, global bank transfer co-operative SWIFT says.
Hackers have successfully infiltrated a unnamed commercial bank, financing co-operative SWIFT says. (Shutterstock)

Cyberhackers used malware to target a PDF reader at an unnamed bank, allowing them to transfer money and tamper with bank documents, global bank transfer co-operative SWIFT says.

The Belgium-based Society for Worldwide Interbank Financial Telecommunication — a co-operative of more than 11,000 global banks that allows them to securely transfer billions of dollars worth of transactions between themselves every year — said one of its members was compromised by cybercriminals in a manner similar to the recent theft of more than $100 million from Bangladesh's central bank.

SWIFT said Friday that attackers had malware to target a PDF reader at a bank, which it did not name, allowing them to transfer money and tamper with bank documents.

SWIFT declined to confirm whether any funds had been taken out, but urged its clients to review their security systems.

The group described the hack as "not a single occurrence, but part of a wider and highly adaptive campaign targeting banks."

Essentially, SWIFT says that hackers managed to steal enough information from a member bank that allowed them to transfer funds via SWIFT's network because the transaction would have looked legitimate and had the right credentials.

Swift said "the attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks."

It said that know-how "may have been gained from malicious insiders or cyberattacks, or a combination of both."

SWIFT's network is believed to be among the most secure ways in the world of transferring money, but two major breaches in the span of as many months is a concerning development for the people who run the communications network that underpins the world's financial system.

Weapons maker BAE Systems also has a large cybersecurity business and it said Friday it had uncovered evidence linking malicious software used in the Bangladesh heist to the high-profile attack on Sony's Hollywood studio in 2014 and other cases.

"What initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign," BAE's cyber-security team said in a report it released on Friday.

BAE also said it uncovered malware that was recently used to target a Vietnamese commercial bank using fraudulent messages on the SWIFT money-transfer network. The malware operated "in a similar fashion" to the Bangladesh Bank hack, BAE said.

Bangladeshi investigators say that at least 20 foreigners were involved. They said the suspects were identified after investigators visited Sri Lanka and the Philippines, where the stolen money was transferred. Sri Lanka intercepted $20 million transferred there and returned it to Bangladesh.

With files from Reuters and The Associated Press


To encourage thoughtful and respectful conversations, first and last names will appear with each submission to CBC/Radio-Canada's online communities (except in children and youth-oriented communities). Pseudonyms will no longer be permitted.

By submitting a comment, you accept that CBC has the right to reproduce and publish that comment in whole or in part, in any manner CBC chooses. Please note that CBC does not endorse the opinions expressed in comments. Comments on this story are moderated according to our Submission Guidelines. Comments are welcome while open. We reserve the right to close comments at any time.

Become a CBC Member

Join the conversation  Create account

Already have an account?