SWIFT, the global financial network used by banks to transfer billions of dollars every day, warned its customers to beware of cyber fraud.
SWIFT said Monday that it was aware of “a number of recent cyber incidents” where attackers had sent fraudulent messages over its system. The disclosure came as law enforcement authorities in Bangladesh and elsewhere investigated the February cyber theft of millions from the Bangladesh central bank account at the New York Federal Reserve Bank. SWIFT has acknowledged that the cyber fraud incident involved altering SWIFT software on Bangladesh Bank’s computers to hide evidence of fraudulent transfers.
Monday’s statement from SWIFT marked the first acknowledgement that the Bangladesh Bank attack was not an isolated incident but one of several recent criminal schemes that aimed to take advantage of the global messaging platform used by some 11,000 financial institutions.
“SWIFT is aware of a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions’ back-offices, PCs or workstations connected to their local interface to the SWIFT network,” the group warned customers on Monday in a notice seen by Reuters.
The BAE alert to be published on Monday includes some technical indicators that the firm said it hopes banks could use to thwart similar attacks. Those indicators include the IP address of a server in Egypt the attackers used to monitor use of the SWIFT system by Bangladesh Bank staff.
The malware, named evtdiag.exe, was designed to hide the hacker’s tracks by changing information on a SWIFT database at Bangladesh Bank that tracks information about transfer requests, according to BAE.
BAE said that evtdiag.exe was likely part of a broader attack toolkit that was installed after the attackers obtained administrator credentials. It is still not clear exactly how the hackers ordered the money transfers. One thing is clear: cyber fraud and attacks are becoming more sophisticated. When the potential payoff is in the hundreds of millions, hackers are willing to go to great lengths.
More Here [BusinessInsider]