Menu
SWIFT banking network warns customers of cyberfraud cases

SWIFT banking network warns customers of cyberfraud cases

Bangladesh Bank attack appears to be part of a bigger threat

SWIFT, the international banking transactions network, has warned customers of "a number" of recent incidents in which criminals sent fraudulent messages through its system.

The warning from SWIFT (Society for Worldwide Interbank Financial Telecommunication) suggests that a February attack on the Bangladesh Bank, in which thieves got away with US $81 million, was not an isolated incident.

SWIFT is aware of malware that "aims to reduce financial institutions’ abilities" to find evidence of fraudulent transactions on their local systems, the organization said Tuesday. The malware has "no impact on SWIFT’s network or core messaging services," it added.

SWIFT has informed customers that "there are other instances in which customers’ internal vulnerabilities have been exploited," the organization added. SWIFT is calling on customers to take steps to secure their systems and has issued a mandatory software update.

Attackers in these incidents have compromised bank systems and obtained valid credentials for creating and submitting messages on the network, SWIFT said. "The malware is designed to hide the traces of fraudulent payments from customers’ local database applications and can only be installed on users’ local systems by attackers that have successfully identified and exploited weaknesses in their local security," the organization said.

The hackers, who attacked the Bangladesh Bank, appeared to use custom malware designed to interfere with SWIFT's transaction software, researchers said this week.

SWIFT is now aware of "a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions' back-offices, PCs or workstations" connected to the SWIFT network, said a confidential notice seen by Reuters, according to a news story posted Tuesday.

SWIFT did not name any victims or disclose the amount of losses related to the recent cyberattacks.

The organization has issued a security update on Monday aimed at the malware that researchers identified as used in the Bangladesh attack. The likely Bangladesh malware, identified by researchers from BAE Systems, appears to be a custom attack toolkit, they said. The malware was designed to monitor, delete and alter transaction records in the database used by the SWIFT client software.


Follow Us

Join the newsletter!

Error: Please check your email address.

Featured

Slideshows

Kiwi channel closes 2017 with After Hours

Kiwi channel closes 2017 with After Hours

The channel in New Zealand came together to celebrate the close of 2017, as the final After Hours played out in front of a bumper Auckland crowd.

Kiwi channel closes 2017 with After Hours
Meet the top performing HP partners in NZ

Meet the top performing HP partners in NZ

HP honoured leading partners across the channel at the Partner Awards 2017 in New Zealand, recognising excellence across the entire print and personal systems portfolio.

Meet the top performing HP partners in NZ
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
Show Comments