Just months after $81 million was stolen from a Bangladeshi bank, managers at the SWIFT banking transfer system have admitted to a second breach. Experts have not determined how much, if any, money was stolen this time.
The global financial messaging system that transfers billions of dollars across the globe every day is under attack by hackers in what experts have said could point to coordinated, online attempts to rob banks.
SWIFT - the Society for Worldwide Interbank Financial Telecommunication - admitted on Friday that the system has been breached twice within the past four months, including a February attack that siphoned $81 million (71.4 million euros) out of Bangladesh Bank, the country's central bank.
The looted funds were just the tip of the iceberg, as the hackers had sought to steal $951 million.
Network managers said Friday that a second malware attack targeted a commercial bank. SWIFT spokeswoman Natasha de Teran declined to name the bank or say how much, if any, money was stolen.
SWIFT is expected to send a letter to its users saying the attackers, who may be insiders or have access to people with inside knowledge of the transfer system, exhibited a "deep and sophisticated knowledge of specific operational controls" at targeted banks and may have been aided by "malicious insiders or cyber attacks or a combination of both."
Brussels headquarters of the Society for Worldwide Interbank Financial Telecommunications - SWIFT
The Belgian-based cooperative is owned by member banks and used by 11,000 financial institutions around the world. SWIFT said forensic data experts believe the second case showed that the Bangladesh heist "was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks."
News of a second breach comes as authorities in Bangladesh and elsewhere continue to investigate the February theft from Bangladesh Bank account at the New York Federal Reserve Bank.
In both cases SWIFT said the attackers succeeded in penetrating the targeted banks' systems, obtaining user credentials and submitting fraudulent SWIFT messages that correspond with transfers of money.
In the latest case, SWIFT said attackers had also used a type of malware called a "Trojan PDF reader" to manipulate PDF reports confirming the messages in order to hide their tracks.
Meanwhile, a new report said security at Bangladesh Bank remains low and the institution is at risk of further attacks.
The report was prepared by US security firms hired by the bank to evaluate the theft and the bank's security measures.
"There are some residual risks that the governor and board should understand, namely that Bangladesh Bank network is still not secure, and there exists a possibility of malicious acts by hackers," according to the report, parts of which were seen by Reuters news agency.
Bangladesh Bank has declined comment on investigations into the heist. Asked about the latest report, a spokesman said, "We have engaged forensic experts to investigate the whole thing."
bik/sms (Reuters, AFP)