Reuters: Hackers who stole 81 from the Bangladesh central bank have likely violated SWIFT software as an economic platform at the heart of the global financial system, BAE Systems security researchers said.
SWIFT, a cooperative owned by 3.000 financial institutions, confirmed to Reuters that it was aware of malware targeting its client software. Company spokeswoman Natasha Deteran said SWIFT will release an updated version on Monday version software to stop the malware, along with a special warning for financial institutions to review their security procedures.
Deteran told Reuters on Sunday that the software update "will help customers enhance their security and detect inconsistencies in local database entries."
SWIFT is a messaging platform used by 11.000 banks and other institutions around the world.
"We keep everything products under constant review and we recommend that vendors do the same, the key to defending against these attack scenarios is that users should implement appropriate security measures in their local environment to secure their systems,” Deteran continued .
Adrian Nish, head of BAE, said he had never seen such a complex system of hacker criminals.
"I can not think of a case where we have seen a criminal go to the level of trying to adapt it to the environment in which they operated," he said. "I guess it was the realization that the potential payoff to this effort is worth it."
A spokesman for Bangladesh Bank declined to comment on BAE's findings.
A senior official with the Bangladeshi Police Criminal Investigation Department said the investigators had not found the specific malware described by BAE, but that forensic specialists had not finished their detector.
Μπαγκλαντές ερευνητές της αστυνομίας δήλωσε την περασμένη εβδteam ότι τα μέτρα ασφαλείας των υπολογιστών της τράπεζας ήταν σοβαρές ελλείψεις, στερούνται ακόμη και τα βασικά προληπτικά μέτρα, όπως firewalls και στηριζόμενη στις χρησιμοποιηθούν, $ 10 διακόπτες σε τοπικά δίκτυα της.
Still, police researchers said in an interview with Reuters that both the bank and SWIFT should take responsibility for the problems.
Meanwhile, BAE is preparing its own warning to be published today Monday and includes some technical indicators that banks can use to overturn similar attacks. These indicators include the IP address of a server in Egypt used by attackers to monitor the use of the SWIFT system by Bangladesh Bank staff.
The malicious software that hit the bank called evtdiag.exe was designed to hide the actions of the hacker when exchanging information in the SWIFT database of Bangladesh Bank, according to BAE.
