Attackers managed to hack bank environments then go on to submit SWIFT messages with credentials, often stolen, to transfer money. Officials at SWIFT, which stands for the Society for Worldwide Interbank Financial Telecommunication, are stressing that while its system wasn’t compromised, the way these banks connected to its network was. “The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both,” reads the network’s message to users.Įarlier this week an official with the US Federal Bureau of Investigation told the Wall Street Journal that they suspect February’s $81 million heist was an inside job and that evidence points to “at least one bank employee acting as an accomplice.”
Swift share as pdf pdf#
The fact that the attackers are familiar with the banks enough to know they use PDF readers to verify SWIFT messages suggest they either have an inside source at the bank, or have somehow attained knowledge of the bank’s inner workings, SWIFT claims. Once the user opens a PDF report, the Trojan PDF reader manipulates the reports to “remove traces of fraudulent instructions.”
After it’s installed the malware mimics the actual PDF reader. In particular, attackers are targeting banks that they know receive PDF reports of payment confirmations. – remain scant, SWIFT did share the attack vector: malware that targets a PDF reader application used by the banks to check statement messages. While details around the most recent attack – which bank was implicated, how much money was taken, etc.
The Brussels-based global financial messaging network notified users on Friday of the second attack, warning that its likely indicative of a “wider and highly adaptive campaign.” News of yet another attack involving a bank and SWIFT, the financial network used by thousands of banks to transfer funds, came to light Thursday as investigators continue to probe a separate $81 million heist in February involving the network and the central bank of Bangladesh.
0 kommentar(er)
