Dive Brief:
-
Global financial messaging network SWIFT announced late Thursday that it had been hit by a second malware attack, according to a Reuters report.
-
In February, the SWIFT network was similarly hit by malware in the $81 million cyber heist on the Bangladesh central bank.
-
The new case involved a commercial bank, though SWIFT declined to say which one or if the case involved stolen money.
Dive Insight:
SWIFT, a cooperative of 3,000 international financial institutions that enables secure financial transactions, said in a statement that the attackers exhibited a "deep and sophisticated knowledge of specific operational controls" at targeted banks and may have been aided by "malicious insiders or cyberattacks, or a combination of both."
In the second case, SWIFT said attackers used a "Trojan PDF reader" to manipulate PDF reports to confirm fraudulent SWIFT messages that allow a money transfer.
In late April, SWIFT warned its members to review their security procedures because it confirmed malware was targeting its client software, according to a Reuters report. SWIFT also released a software update to help protect its members.
The SWIFT messaging platform is used by 11,000 banks around the world.
In April, an investigator said Bangladesh’s central bank had no firewall and utilized poor security practices prior to becoming the victim of the record-breaking heist. The investigator said Bangladesh Bank used cheap, second-hand switches to network computers connected to the SWIFT global payment network.
That report helped allay concerns that the SWIFT network had been compromised. Since then, reports have put attention back on the security of SWIFT’s systems.