Vulnerability in the international interbank system of information transfer SWIFT could be the reason that the hackers managed to steal $81 million from the Central Bank of Bangladesh. This writes Reuters, citing the findings of the British company BAE Systems, which has been working in the field of armaments, and information security.
Company representatives told the Agency that they have found malware that the attackers used to control client software, the so-called Alliance Access. On Monday, the company plans to introduce in my blog the findings that relate to the theft from the Central Bank of Bangladesh. The company expects that it will help other banks to prevent this attack.
According to investigators, the hackers infiltrated the computer network of the Central Bank and took control of the credentials used for access to SWIFT. However, according to BAE, we are talking about vulnerabilities in the software, which allowed to erase the illicit transfers.
The virus, which has the name evtdiag.exe allows you to hide the traces of attacks by modifying data in the database, which tracks information about queries on the transaction. The program can how to delete records on outgoing requests, and intercept incoming messages, which confirm carrying out translations.
It is noted that the program was written specifically to attack the Central Bank of Bangladesh. “But the General tools, methods and algorithms that were used in the attack, could allow attackers to strike again,” said BAE.
Press Secretary SWIFT (Society for worldwide interbank financial telecommunications), which is used by thousands of credit institutions, said that the developers are aware of malware that threaten client welfare. The organization has promised to release Monday the update that “will help clients in improving security and the detection of inconsistencies in local databases”.
“While we keep all the products of the interface under constant review and encourage other manufacturers to do the same thing, the main way to protect against these attacks is the users to use proper security measures to their particular conditions to help protect customers,” — said the representative of the SWIFT.
About large withdrawals the Central Bank of Bangladesh became known in early March. Hackers tried to withdraw $951 million with correspondent accounts at the Federal reserve Bank of new York. A large part of the operation was blocked, however, $81 million was transferred to accounts in the Philippines.
As Bloomberg wrote, one of one of top managers of the Bank of Bangladesh found that the tray of the printer, which automatically prints the transfer confirmation from the interbank system SWIFT, was empty. The next day it became clear that the exchange program with SWIFT terminal does not respond to commands. After the restart it became clear that Federal reserve Bank of new York has written to the Central Bank requests more than 40 questionable translations.
The Governor of the Bank of Bangladesh Atiur Rahman resigned in connection with the incident, saying that assumes moral responsibility for what is not immediately reported to the Ministry of Finance about the theft.