Malaysia’s central bank announced Thursday (March 29) that it was the subject of a cyber attack in which hackers aimed to steal money via fraudulent wire transfers, reported Reuters. According to the report, Bank Negara Malaysia said the hackers weren't able to steal funds from the incident, but it did involve fake wire-transfer requests over the SWIFT bank messaging network.
Reuters noted this as the second hack of a central bank since the $81 million theft of Bangladesh Bank in 2016. That case also involved fake SWIFT transfer requests, which prompted financial firms around the world to enhance their security to prevent it from happening to them.
Tom Kellermann, a former member of the World Bank security team, said in the report, “You thwarted an attack but you didn’t actually catch the hackers. That adversary is still out there attempting to exploit the system.”
Bank Negara Malaysia didn't say who was behind the latest hack or how they were able to access the SWIFT network. What's more, it reported there were no disruptions to the other payment and settlement systems that the central bank uses.
“All unauthorized transactions were stopped through prompt action in strong collaboration with SWIFT, other central banks and financial institutions,” the bank stated.
Meanwhile, a spokesperson for SWIFT declined to comment other than to say in an email statement that: "We have no indication that our network and core messaging services have been compromised."
In February, the Central Bank of the Russian Federation reported a SWIFT hack last year that made 339.5 million rubles ($6 million) disappear. The disclosure was snuck onto the end of a central bank report on digital thefts out of Russian banks, according to Reuters reports at the time. The central bank said it had been sent information about “one successful attack on the workplace of a SWIFT system operator.”