Another Bank Hit In A Malware Attack, According To SWIFT

It looks like hackers have, once again, found a way to gain access to the SWIFT messaging system.

According to SWIFT officials, the latest attack targeted a commercial bank and managed to send SWIFT messages using the bank’s valid codes. This new attempt at digital theft follows a successful hit on the Bangledesh central bank’s account at the Federal Reserve Bank of New York.

The notice notes that the system breach failed and that no funds were stolen, but also that hackers did gain access to the transfer system using genuine credentials and malware to cover themselves.

“Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence but part of a wider and highly adaptive campaign targeting banks,” SWIFT said in a notice to banks reviewed by The Wall Street Journal but set to go out on Friday (May 13).

The Belgium-based SWIFT also recently told customers that there have been a “small number of recent cases of fraud at customer firms.”

The latest malware attack, or attempted attack, was discovered by third-party experts who brought the issue to SWIFT’s attention. The attack actually predates the Bangladesh hack.

The malware used in the Bangladesh attempt and the current attempted attack have two things in common, according to SWIFT. The first is it sends messages over the SWIFT platform; the second is the program exists to digitally cover tracks and make it harder to identify the culprits.

WSJ reported this week that the Federal Bureau of Investigation suspected insiders may have helped the attack on Bangladesh Bank, citing people familiar with the matter. SWIFT similarly emphasized the risk of malicious insiders in its note to banks.