Earlier reports of a couple of banks using the SWIFT (Society for Worldwide Interbank Financial Telecommunication) system being hacked are now paired with new reports saying that additional 12 banks using the same system might have fallen victim to the attack.
According to security researchers FireEye, which have been investigating the matter, 'numerous' other banks have contacted them, including banks from the Philippines, and New Zealand. Even though the majority of these attacks were thwarted, approximately $81 million made it to the Philippines and ended up at casinos, where its trail is lost.
At the same time, SWIFT warns that some of these reports might be false positives.
Another security firm, Symantec, confirmed earlier reports made by BAE Systems, that the Bangladeshi bank hackers have a lot in common with those attacking targets in both South Korea and the US, some seven years go.
Apparently, both have been using similar code, prompting security researchers to tentatively come to a conclusion that this might have been the same group.
“This malware was written bespoke for attacking a specific victim infrastructure, but the general tools, techniques and procedures used in the attack may allow the gang to strike again,” commented recently Sergei Schevchenko, a cyber-threat researcher at BAE Systems.
“All financial institutions who run Swift Alliance Access and similar systems should be seriously reviewing their security now to make sure they too are not exposed.”
Image Credit: Ai825 / Shutterstock