The $81 million heist at Bangladesh Bank in February was carried out by attackers who hacked into the bank’s SWIFT software and used it to transfer the money. The attackers were also able to cover their tracks very effectively.
The attacker, based in Bangladesh, was able to develop highly sophisticated malware that could interact with the local SWIFT software in his vicinity.
SWIFT is a cooperative of 3,000 organizations, based in Belgium. It provides a platform for transferring funds internationally. SWIFT is aware of malware that can degrade the capabilities of financial institutions' systems and lead to fraudulent transactions on their local systems. SWIFT says, however, that this malware is not capable of hacking into its network or causing extreme damage to its messaging services. This is contrary to reports, which suggest otherwise.
Any hacking of the SWIFT software can result in funds being transferred from the victim’s account to the attacker's account. In the Bangladesh Bank case, there were 30 SWIFT transactions on February 5th for a withdrawal of $1 billion from the US Federal Reserve in New York using the SWIFT bank code. Only $81 million could be transferred, and the balance of $6.9 million was still retrievable.
The malware used against the Bangladesh Bank SWIFT software was specially designed, with complete know-how of the SWIFT Alliance Access software and excellent malware coding abilities.
The malware was used not only to change the SWIFT transactions but also to hide the changes. All transfers that take place are sent by the SWIFT software to a printer. When the transactions are printed out, bank officials can notice any fraudulent transactions and take action immediately, and can thus prevent any mala fide transactions from taking place. In this case the malware intercepted the SWIFT messages, and altered, manipulated copies of those messages were printed. In this way the attackers were able to cover up their fraudulent transactions. The malware appears to be part of a wider attack toolkit that allows the attacker to send forged payment instructions and also cover his tracks. This gave the attacker ample time to carry out the transactions and enabled multiple transactions without detection.
SWIFT is releasing software to counteract such attacks, including alteration of database records. Customers, for their part, are encouraged to keep all their IT systems up to date in order to prevent attackers from exploiting any loopholes in their local security systems.
A spokesperson has advised customers to keep an eye on any anomalies in their local database records, which helps customers keep their accounts secure. Most vital is to adopt adequate security measures and safeguard their systems.
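One way to watch for the anomalies described above, as an added example that is not part of the original article or SWIFT's own software: because the malware altered both local records and printed confirmations, this check compares local payment records against the counterparty's statement obtained through a separate channel. The record layout, field names and sample values are constructed for illustration.

```python
from decimal import Decimal

# Constructed sample data; field names and values are hypothetical.
# LOCAL_RECORDS: payments as the (possibly tampered) local system shows them.
LOCAL_RECORDS = [
    {"ref": "TXN0001", "amount": "250000.00", "currency": "USD", "beneficiary": "Acme Trading"},
    {"ref": "TXN0002", "amount": "12000.00", "currency": "USD", "beneficiary": "North Supply"},
]
# STATEMENT: the same day's debits as reported by the correspondent bank,
# fetched over a channel the local payment host cannot modify.
STATEMENT = [
    {"ref": "TXN0001", "amount": "250000.0", "currency": "usd", "beneficiary": "ACME  TRADING"},
    {"ref": "TXN0002", "amount": "20000000.00", "currency": "USD", "beneficiary": "Unknown Foundation"},
    {"ref": "TXN0003", "amount": "30000000.00", "currency": "USD", "beneficiary": "Unknown Holdings"},
]
FIELDS = ("amount", "currency", "beneficiary")

def normalise(rec):
    """Canonical form so formatting differences do not raise false alarms."""
    return (Decimal(rec["amount"]), rec["currency"].upper(),
            " ".join(rec["beneficiary"].upper().split()))

def reconcile(local, statement):
    """Return (ref, finding, changed_fields) tuples for every discrepancy."""
    local_by_ref = {r["ref"]: r for r in local}
    stmt_by_ref = {r["ref"]: r for r in statement}
    findings = []
    for ref in sorted(stmt_by_ref):
        mine = local_by_ref.get(ref)
        if mine is None:
            # Money left the account but the local record is gone or hidden.
            findings.append((ref, "missing_locally", []))
            continue
        changed = [f for f, a, b in
                   zip(FIELDS, normalise(mine), normalise(stmt_by_ref[ref])) if a != b]
        if changed:
            findings.append((ref, "field_mismatch", changed))
    # Local entries the counterparty never saw are also worth a look.
    for ref in sorted(local_by_ref.keys() - stmt_by_ref.keys()):
        findings.append((ref, "not_on_statement", []))
    return findings

if __name__ == "__main__":
    for finding in reconcile(LOCAL_RECORDS, STATEMENT):
        print(finding)
```

The check is only as trustworthy as the statement feed, so it should run on a host separate from the payment system it is auditing.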
The authorities warn that the malware and the various related tools can be a threat to SWIFT customers. They can be configured easily and are likely to be used in similar attacks in future. Worrying open questions are how the attackers sent these transactions, what malware was used in the systems, and who is behind this scam.