Dive Brief:
-
A new report from BAE Systems found that the malicious software used in the $81 million heist at Bangladesh Bank in February is linked to the 2014 attack on Sony Pictures.
-
Similar malware was also recently used to target a Vietnamese commercial bank with fake messages from the SWIFT money transfer system, according to a Reuters report.
-
BAE systems was not contracted by Bangladesh Bank to investigate the breach, but independently said they found the malware after looking through repositories to collect samples from malicious files.
Dive Insight:
BAE’s security team found that the group responsible for the bank heist could be tied to several other hacks. "What initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign," BAE's cybersecurity team said in the report.
Researchers found the malware from the Bangladesh Bank hack had "the same unique characteristics" as software used in the 2014 Sony breach.
"They have a very unique approach," said BAE's head of threat intelligence, Adrian Nish. "The links come through the code, which bears the hallmarks of a single, consistent coder."
The report, however, does acknowledge there are other possible explanations for the similarities.
In February, a group of researchers said the people that hacked Sony Pictures Entertainment in 2014 are still actively and successfully conducting cyberattacks worldwide. Over the past seven years, the group of hackers, often called Lazarus, has carried out a large number of attacks against a variety of organizations. The researchers established links between Lazarus and 1,000 malicious file samples.
The scale of these attacks can threaten any enterprise, particularly those with sensitive and unique data. Recovering from these attacks can also prove costly. The attack on Sony cost the company an estimated $35 million in IT repairs, not to mention damage to the company's reputation when a number of documents came to light.
