Reuters: Hackers who stole $81 million from Bangladesh's central bank may have also breached the software of SWIFT, a financial platform at the heart of the global financial system, its researchers said. better safetyof BAE Systems.
SWIFT, a cooperative owned by 3.000 financial institutions, confirmed to Reuters that it was aware of malware targeting the client της. Η εκπρόσωπος της εταιρείας Natasha Deteran, ανέφερε ότι η SWIFT θα κυκλοφορήσει σήμερα Δευτέρα μια ενημερωμένη version software to stop the malware, along with a special warning for financial institutions to review their security procedures.
Deteran told Reuters on Sunday that the software update "will help customers enhance their security and detect inconsistencies in local database entries."
SWIFT is a messaging platform used by 11.000 banks and other institutions around the world.
"We keep all our products under constant review and suggest that sellers do the same, the key to defending against these attack scenarios is that users should take appropriate security measures in their local environment to secure the systems. them, ”Deteran continued.
Adrian Nish, head of BAE, said he had never seen such a complex system of hacker criminals.
"I can not think of a case where we have seen a criminal go to the level of trying to adapt it to the environment in which they operated," he said. "I guess it was the realization that the potential payoff to this effort is worth it."
A spokesman for Bangladesh Bank declined to comment on BAE's findings.
A senior official with the Bangladeshi Police Criminal Investigation Department said the investigators had not found the specific malware described by BAE, but that forensic specialists had not finished their detector.
Bangladesh police investigators said last week that bank security measures were serious shortfalls, lacking even the basic precautions, such as firewalls and relying on the use of $ 10 switches on its local networks.
Still, police researchers said in an interview with Reuters that both the bank and SWIFT should take responsibility for the problems.
Meanwhile, BAE is preparing its own warning to be published today Monday and includes some technical indicators that banks can use to overturn similar attacks. These indicators include the IP address of a server in Egypt used by attackers to monitor the use of the SWIFT system by Bangladesh Bank staff.
The malware that hit the bank, called evtdiag.exe, was designed to hide hackers' actions when exchanging information on SWIFT base according to Bangladesh Bank data, according to BAE.