Bangladesh Bank attack appears to be part of a bigger threat SWIFT, the international banking transactions network, has warned customers of “a number” of recent incidents in which criminals sent fraudulent messages through its system. The warning from SWIFT (Society for Worldwide Interbank Financial Telecommunication) suggests that a February attack on the Bangladesh Bank, in which thieves got away with US $81 million, was not an isolated incident. SWIFT is aware of malware that “aims to reduce financial institutions’ abilities” to find evidence of fraudulent transactions on their local systems, the organization said Tuesday. The malware has “no impact on SWIFT’s network or core messaging services,” it added. SWIFT has informed customers that “there are other instances in which customers’ internal vulnerabilities have been exploited,” the organization added. SWIFT is calling on customers to take steps to secure their systems and has issued a mandatory software update. Attackers in these incidents have compromised bank systems and obtained valid credentials for creating and submitting messages on the network, SWIFT said. “The malware is designed to hide the traces of fraudulent payments from customers’ local database applications and can only be installed on users’ local systems by attackers that have successfully identified and exploited weaknesses in their local security,” the organization said. The hackers, who attacked the Bangladesh Bank, appeared to use custom malware designed to interfere with SWIFT’s transaction software, researchers said this week. SWIFT is now aware of “a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions’ back-offices, PCs or workstations” connected to the SWIFT network, said a confidential notice seen by Reuters, according to a news story posted Tuesday. SWIFT did not name any victims or disclose the amount of losses related to the recent cyberattacks. The organization has issued a security update on Monday aimed at the malware that researchers identified as used in the Bangladesh attack. The likely Bangladesh malware, identified by researchers from BAE Systems, appears to be a custom attack toolkit, they said. The malware was designed to monitor, delete and alter transaction records in the database used by the SWIFT client software. Related content analysis BGP: What is border gateway protocol, and how does it work? BGP is how the autonomous networks that make up the internet share routing information to find the best route for IP traffic. CISA describes BGP as 'the most important part of the internet you’ve probably never heard of.' By Keith Shaw May 17, 2024 11 mins Routers Internet Network Security feature Red Hat seeks to be the platform for enterprise AI By Maria Korolov May 17, 2024 12 mins Linux Network Management Software news FCC proposes BGP security measures Protecting the Border Gateway Protocol is as important as protecting the border. By Gyana Swain May 17, 2024 4 mins Regulation Network Security brandpost Sponsored by Zscaler 5 Must-haves for your next DSPM solution Elevating cloud security: Navigating the data storm with DSPM By Kalie Radsmikham, Sr. Director of Product Marketing, Cloud Security May 16, 2024 7 mins Cloud Computing PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe