Boston/Dhaka: The attackers who stole $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems.
SWIFT, a cooperative owned by 3,000 financial institutions, confirmed that it was aware of malware targeting its client software. Its spokeswoman Natasha Deteran said SWIFT would release a software update to thwart the malware, alo-ng with a special warning for financial institutions to scrutinise their security procedures.
The new developments now coming to light in the unprecedented cyber-heist suggest that an essential lynchpin of the global financial system could be more vulnerable than previously understood to hacking attacks, due to the vulnerabilities that enabled attackers to modify SWIFT’s client software.
Ms Deteran said that it was issuing the software update “to assist customers in enhancing their security and to spot inconsistencies in their local database records.”
She said “the malware has no impact on SWIFT’s network or core messaging services.” The software update and warning from Brussels-based SWIFT, or the Society for Worldwide Interbank Financial Tele-communication, come after researchers at BAE, said they believe they discovered malware that the Bangladesh Bank attackers used to manipulate SWIFT client software known as Alliance Access.
The cyber criminals tried to make fraudulent transferstotaling $951 million from the Bangladesh central bank’s account at the Federal Reserve Bank of New York in February. Most of the payments were blocked, but $81 million was routed to accounts in the Philippines and diverted to casinos there. Most of those funds remain missing.
Investigators probing the heist had previously said the still-unidentified hackers had broken into Bangladesh Bank computers and taken control of credentials that were us-ed to log into the SWIFT system. But the BAE research shows that the SWIFT software on the bank computers was probably compromised in or-der to erase records of illicit transfers.
