New cyber attack made on bank after Bangladesh raid
Published 13/05/2016 | 12:56
A new cyber attack has hit an unnamed bank, part of a co-ordinated campaign that follows the theft of 101 million US dollars (£70 million) from the Bangladesh central bank, Swift said.
The Belgium-based international money transfer supervisor said attackers had used malware to target a PDF reader at a bank, allowing them to transfer money and tamper with bank documents.
It did not say whether any money was taken but called on clients to urgently review their security systems.
Swift said forensic experts believe the use of the malware is "not a single occurrence, but part of a wider and highly adaptive campaign targeting banks".
It underlined that the Swift system, which connects more than 11,000 banking and securities organisations as well as other clients moving billions each year, had not been compromised by the malware.
Swift said "the attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks".
It said that know-how "may have been gained from malicious insiders or cyber attacks, or a combination of both".
In February, cyber attackers stole 101 million dollars from the Bangladesh central bank's account in the Federal Reserve Bank of New York.
Bangladeshi investigators said that at least 20 foreigners were involved.
They said the suspects were identified after investigators visited Sri Lanka and the Philippines, where the stolen money was transferred.
Sri Lanka intercepted 20 million dollars (£13.9 million) transferred there and returned it to Bangladesh.