Hackers are relying on the vulnerabilities in SWIFT’s messaging systems to hide their digital footprints. A second bank has been compromised due to these vulnerabilities.
In the wake of Bangladesh’s central bank being hacked due to hackers exploiting vulnerabilities in SWIFT, a global financial messaging network, the company has now disclosed and has posted a warning saying a second wave of attack could be imminent.
Natasha de teran, SWIFT’s spokeswoman did not however provide a name of the second bank that has been targeted by hackers. So far it is yet unclear how much money had been stolen in the second attack.
Although previously SWIFT had warned saying the attack at Bangladesh’s central bank may not have been an isolated incident, a confirmation of a second round of attack could very swiftly increase the levels of scrutiny on its network that is central to the global financial system.
In a statement, SWIFT said the hackers have exhibited a “deep and sophisticated knowledge of specific operational controls” at the targeted banks which are very likely to have been aided by “malicious insiders or cyber attacks, or a combination of both.”
SWIFT, a Belgian co-operative owned by member banks, is used extensively by 11,000 financial institutions globally.
As per forensic experts examining the heist, the first attack on Bangladesh’s central bank “was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks.”
In the first attack, SWIFT officials have acknowledged the fact that their software was maliciously altered to hide evidence of fraudulent transfers. However the hackers could not compromise the controls of the message system.
In both cases, the attackers had most likely used insiders to penetrate the bank’s internal systems and had obtained user’s login credentials which were used to transfer fraudulent sums of money.
In the second case, SWIFT said, attackers had used a “Trojan PDF reader” to manipulate PDF reports so as to hide their tracks.
Categories: Creativity, Economy & Finance, Regulations & Legal, Strategy, Uncategorized
manageria.biz 
Leave a comment