‘Bangladesh central bank robbery committed via hack in Swift software’


A bank robbery in Bangladesh, in which $81 million was looted, is believed to have been carried out by infecting Swift client software with malware. This allowed the criminals to transfer large amounts of money to Philippine accounts.

A spokesperson for Swift told Reuters news agency that the criminals had targeted the Swift client software called ‘Alliance Access’. In addition to releasing a software update, the Swift group plans to publish a warning to banks on Monday, encouraging them to monitor their payment systems more closely. The British security company BAE Systems had previously concluded that the criminals had used Swift.

Until now, it was suspected that the attackers had gained access to the systems of the central bank of Bangladesh and obtained Swift credentials that way. However, BAE Systems’ investigation reportedly shows that the Swift software itself was used. BAE head of research Adrian Nish says it was a sophisticated attack: “I can’t think of any other case where attackers have adapted to the environment in which they operate to this extent.” It is not yet clear which party is responsible for the bank robbery.

The malware was contained in the file ‘evtdiag.exe’ and was able to cover the criminals’ tracks by modifying information about wire transfer requests in the bank’s Swift database. In this way, logs of the criminals’ outgoing requests could be removed, and they could intercept incoming requests. It was also possible to adjust the balance of certain accounts and to have a printer produce altered printouts so that they would not stand out.

The system was monitored from an Egyptian server. It is still unclear how the attackers were able to create a wire transfer. According to BAE Systems, the malware file is reportedly also part of a more extensive toolkit. In the course of investigations, it was alleged that the bank used, among other things, cheap switches costing around ten dollars, which were connected to the Swift network without a firewall.

In addition, the attackers had attempted to transfer a total of $951 million, but the transfer was discovered by a Deutsche Bank employee due to a spelling error. In the recipient’s name, the word ‘foundation’ was spelled ‘fandation’.

Swift is an international organization through which financial institutions exchange information about transactions. The platform is used by 11,000 banks and other institutions worldwide. A small portion of them use the Alliance Access software for this.
