New robbery was discovered through the SWIFT system. As it appears, Bangladesh's central bank is part of a widespread cyber attack in the global banking and financial sector by hackers who have gained access to the backbone of the global financial system, SWIFT.
It's the global banking system that uses thousands of banks and businesses around the world to carry billions of dollars every day. So this system is under attack.
This is how the third case related to the breach of SWIFT was revealed. Fraudsters managed to steal about 12 million dollars from the bank of Ecuador. In analysis of the attack, many similarities were discovered with the attack on the central bank of Bangladesh, which lost 81 million dollars.
The attack on the Banca del Astro (BDA) in Ecuador occurred in January of 2015 and, he revealed in a lawsuit filed by BDA against Wells Fargo, a San Francisco-based bank in 28 January, according to Reuters.
How they breach the banks:
First, they use malicious software to bypass the local security systems of a bank.
then access the SWIFT messaging network,
and send false messages through the messaging network to prepare cash transfers from accounts to larger banks.
So over ten days ago, hackers used SWIFT credentials from a bank employee to modify transaction data for at least 12 transfers, 12 of millions, which were transferred to accounts in Hong Kong, Dubai, New York and Los Angeles.
At treatment of the BDA holds Wells Fargo responsible for not detecting the illegal transactions and is demanding that Wells Fargo return the full amount stolen from the bank.
The suit was filed by the BDA in a federal court of New York and reports that some of these attacks could have been prevented if banks had shared more details about the attacks through the SWIFT system.
Read: Cyber Security, secrecy and responsibility
Wells Fargo, on the other hand, retaliated by blaming the BDA for its robbery information security policies and procedures, noting that "all instructions received via SWIFT-certified messages are being properly processed," according to court documents.
According to reports, robbery has remained secret for a long time and was revealed when the BDA decided to sue Wells Fargo who approved fraudulent transfers.
SWIFT had no idea about the breach: "We did not know," SWIFT said in a statement.
It turns out that SWIFT's security was not breached in the attack, but that the criminals used it advanced malware to steal bank employee credentials and cover their tracks.