SWIFT, the messaging system used by 11,000 global financial institutions to send money to each other, said on Thursday that it had been hit by another malware attack on its systems.
It urged all customers to “review controls in their payments environments, to all their messaging, payments and e-banking channels. This includes everything from employee checks to password protection to cyber defences.”
The new malware involves the PDF reader that banks use to open SWIFT messages, which are sent to financial institutions telling them what money to send where.
The company said the attack was similar to one last February in which hackers stole $100 million (£70 million) from the Bangladesh Central Bank.
In response to that heist, SWIFT — which stands for Society for Worldwide Interbank Financial Telecommunication — asked all of its members to install a software update designed to spot malware designed to hide questionable activity.
Natasha de Teran, a spokesperson for SWIFT, said a commercial bank had been targeted, but did not name the bank or how much money may have been stolen, according to Reuters.
SWIFT also revealed the attack could be part of a much bigger operation (emphasis ours):
Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks.
The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks — knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both.
Authorities are still investigating the February attack, according to Reuters, with authorities with SWIFT acknowledging the scheme involved altering software to conceal evidence of illegal transfers. But it maintained that its messaging system was not compromised — whoever is abusing the system is obtaining valid log-in credentials then placing fraudulent transfer requests.
SWIFT did not immediately respond for comment.