Reuters: The hackers who stole 81 million dollars from the central bank of Bangladesh may have also breached the software of SWIFT, a financial platform at the heart of the global financial system, security researchers at BAE Systems have announced.
SWIFT, a cooperative owned by 3.000 financial institutions, confirmed to Reuters that it was aware of malware targeting the client its software. Msfaceς της εταιρείας Natasha Deteran, ανέφερε ότι η SWIFT θα κυκλοφορήσει σήμερα Δευτέρα μια ενημερωμένη έκδοση λογισμικού για να σταματήσει το κακόβουλο λογισμικό, μαζί με μια ειδική warning for financial institutions to review their security procedures.
Deteran told Reuters on Sunday that the software update "will help customers enhance their security and detect inconsistencies in local database entries."
SWIFT is a messaging platform used by 11.000 banks and other institutions around the world.
“We keep all of our products under constant review and recommend that sellers do the same key to defend against such attack scenarios is that users should implement appropriate security measures in their local environment to secure their systems,” Deteran continued.
Adrian Nish, head of BAE, said he had never seen such a complex system of hacker criminals.
"I can not think of a case where we have seen a criminal go to the level of trying to adapt it to the environment in which they operated," he said. "I guess it was the realization that the potential payoff to this effort is worth it."
A spokesman for Bangladesh Bank declined to comment on BAE's findings.
A senior official with the Bangladeshi Police Criminal Investigation Department said the investigators had not found the specific malware described by BAE, but that forensic specialists had not finished their detector.
Bangladesh police investigators said last week that bank security measures were serious shortfalls, lacking even the basic precautions, such as firewalls and relying on the use of $ 10 switches on its local networks.
Still, police researchers said in an interview with Reuters that both the bank and SWIFT should take responsibility for the problems.
Meanwhile, BAE is preparing its own warning to be published today Monday and includes some technical indicators that banks can use to overturn similar attacks. These indicators include the IP address of a server in Egypt used by attackers to monitor the use of the SWIFT system by Bangladesh Bank staff.
The malicious software that hit the bank called evtdiag.exe was designed to hide the actions of the hacker when exchanging information in the SWIFT database of Bangladesh Bank, according to BAE.
