Bangladesh bank hackers who stole £56m 'compromised international payments system'
Hackers who stole £56m from the Bangladesh central bank may have found a way to exploit the SWIFT global bank payment system, BAE Systems computer security experts have said.
After uncovering tools it believes were linked to February's heist, one of the biggest in history, BAE Systems claims to have discovered that "sophisticated" malware was used to compromise the SWIFT system.
SWIFT is used by 11,000 banks around the world, and provides a platform for them to share information about transactions. By exploiting this system, BAE Systems said the hackers managed to cover their tracks and get away with the stolen money.
Using the malware, the hackers could delete money transfer details from the database, intercept incoming confirmation messages and manipulate account balances, essentially making the multi-million-pound transactions invisible to the bank and giving them more time to launder their takings.
Worryingly, the hackers' toolkit is "highly configurable", according to the company, and could "feasibly be used for similar attacks in future."
SWIFT appears to be aware of the issue. Speaking to Reuters, spokeswoman Natasha Deteran said a software update designed to thwart the malware would be going out today.
She said the update would help banks "spot inconsistencies" in their databases, and added "the malware has no impact on SWIFT's network or core messaging services."
Financial institutions will also get additional warnings to carefully scrutinise their security measures.
Adrian Nish, Bae Systems' head of threat intelligence, told Reuters he had never seen such an elaborate scheme.
"I can't think of a case where we have seen a criminal go to the level of effort to customise it for the environment they were operating in," he said. "I guess it was the realisation that the potential payoff made that effort worthwhile."
Nish's team found the malware on an online database, and are confident it was the software used in the attack because it was created close to the date of the heist, contained information about the bank's operations and was uploaded from Bangladesh.
The Bangladesh Bank has been contacted for more information.
Independent News Service