Swift, the financial messaging system targeted as part of an orchestrated an $81m cyberattack at the Bangladesh central bank, has revealed a second bank suffered a similar malware-based attack.
Swift spokeswoman Natasha de Teran, speaking to Reuters, refused to name the bank involved but noted it was a commercial institution that was targeted.
It remains unclear how much money, if any, was stolen in the incident or if any internal computer systems were compromised.
In a statement, Swift said the attackers had a “deep and sophisticated knowledge of specific operational controls” at the banks and touted the idea that the heist was aided by “malicious insiders or cyberattacks, or a combination of both.”
According to Reuters, forensic experts said the second case showed that the Bangladesh heist “was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks.”
Who was hit?
In a separate report, due to be realised in full by BAE systems on Friday 13 May, security researchers claim the second bank impacted is located in Vietnam – however IBTimes UK has not independently verified these findings. BAE is expected to reveal evidence that the Bangladesh cyberattack is closely related to the Operation Blockbuster incident that targeted Sony Pictures in 2014.
The Swift (Society for Worldwide Interbank Financial Telecommunication) system is a global messaging network used by 11,000 financial organisations to communicate securely and is used to move billions of dollars every day. Any suggestion this core system has been infiltrated would put every institution on high alert – however to date Swift has denied its main systems have been breached.
In the most recent incident, Swift said the attackers – either external hackers or an insider threat – used a piece of malware called a “Trojan PDF reader” to hide their tracks while in the messaging system.
Previously, Bangladesh police probing the incident said it is possible Swift banking technicians intentionally introduced loopholes into the system – however this claim was not backed up with solid proof.
Mohammad Shah Alam, the head of the criminal investigation department of Bangladesh police, said: “We found a lot of loopholes.
The changes caused much more risk for Bangladesh Bank. Whether it is intentional or negligence, we are trying to find out.”
In response, Swift denied the allegations. “The accusations have no basis in fact,” it said in a statement.
“As a Swift user like any other, Bangladesh Bank is responsible for the security of its own systems interfacing with the Swift network and their related environment – starting with basic password protection practices – in much the same way as they are responsible for their other internal security considerations.”