1. Skip to content
  2. Skip to main menu
  3. Skip to more DW sites

SWIFT managers admit to second breach

May 13, 2016

Just months after $81 million was stolen from a Bangladeshi bank, managers at the SWIFT banking transfer system have admitted to a second breach. Experts have not determined how much, if any, money was stolen this time.

Bangladesh Bank - the central bank of Bangladesh - is an eight story glass and metal framed buidling that stands in front of a busy thoroughfare in Dhaka.
Bangladesh Bank - the central bank of BangladshImage: Reuters/A. Rahman

The global financial messaging system that transfers billions of dollars across the globe every day is under attack by hackers in what experts have said could point to coordinated, online attempts to rob banks.

SWIFT - the Society for Worldwide Interbank Financial Telecommunication - admitted on Friday that the system has been breached twice within the past four months, including a February attack that siphoned $81 million (71.4 million euros) out of Bangladesh Bank, the country's central bank.

The looted funds were just the tip of the iceberg, as the hackers had sought to steal $951 million.

Network managers said Friday that a second malware attack targeted a commercial bank. SWIFT spokeswoman Natasha de Teran declined to name the bank or say how much, if any, money was stolen.

SWIFT is expected to send a letter to its users saying the attackers, who may be insiders or have access to people with inside knowledge of the transfer system, exhibited a "deep and sophisticated knowledge of specific operational controls" at targeted banks and may have been aided by "malicious insiders or cyber attacks or a combination of both."

The Belgian-based cooperative is owned by member banks and used by 11,000 financial institutions around the world. SWIFT said forensic data experts believe the second case showed that the Bangladesh heist "was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks."

SWIFT headquartrs in Brussels - single story, columned, building that stands alone, in the middle of a forest, with a large manicured lawn.
Brussels headquarters of the Society for Worldwide Interbank Financial Telecommunications - SWIFTImage: AP

Investigations continue

News of a second breach comes as authorities in Bangladesh and elsewhere continue to investigate the February theft from Bangladesh Bank account at the New York Federal Reserve Bank.

In both cases SWIFT said the attackers succeeded in penetrating the targeted banks' systems, obtaining user credentials and submitting fraudulent SWIFT messages that correspond with transfers of money.

In the latest case, SWIFT said attackers had also used a type of malware called a "Trojan PDF reader" to manipulate PDF reports confirming the messages in order to hide their tracks.

Meanwhile, a new report said security at Bangladesh Bank remains low and the institution is at risk of further attacks.

The report was prepared by US security firms hired by the bank to evaluate the theft and the bank's security measures.

"There are some residual risks that the governor and board should understand, namely that Bangladesh Bank network is still not secure, and there exists a possibility of malicious acts by hackers," according to the report, parts of which were seen by Reuters news agency.

Bangladesh Bank has declined comment on investigations into the heist. Asked about the latest report, a spokesman said, "We have engaged forensic experts to investigate the whole thing."

bik/sms (Reuters, AFP)

Skip next section Explore more
Skip next section DW's Top Story

DW's Top Story

Polish Prime Minister Mateusz Morawiecki inspects the site with Ukrainian Prime Minister Denys Shmyhal as he receives information from officials during delivering process of the first batch of the Leopard tanks
Skip next section More stories from DW
Go to homepage