Bank Heists Linked to Sony Pictures HackAdded: Monday, May 30th, 2016
Category: Recent Headlines Involving File Sharing > Current Events
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, www.extratorrent.cc, 2016
Security experts have found clues in the malware used to breach into banking messaging network Swift that suggest a link to the well-known Sony Pictures hack.
The SWIFT hack affected at least 3 banks by far. All victims have already reported financial attacks. Bangladesh’s central bank was first to lose $81m through the fraudulent SWIFT messages instructing a transfer to an account in the Philippines. An unnamed Vietnamese bank was second to say that it had been targeted by the hackers as well, but had managed to prevent a $1m transfer. Finally, Ecuador’s Banco del Austro had also fallen prey.
All the cases relied on social engineering and technical talent: the hackers first gained fraudulent access to the Swift network and then messaged the banks asking for funds to be transferred. In fact, the Bangladesh case was only revealed thanks to a typo in one of the instructions.
The intruders used a specific type of malware called Trojan.Banswift to gain access to SWIFT network. The security researchers found a distinct file wiping code in the malware. The way the software deleted files was already seen in one other piece of malware, which was used to hack into financial groups in Southeast Asia. It is likely that the tools can be attributed to the same group, which thus may have been attacking financial institutions for much longer than previously thought. The most interesting thing is that the same malware has previously been used by a hacking group known as Lazarus, engaged in attacking businesses and commercial operations across the United States and South Korea for the last few years. This group is linked to another malware, which was used in the hacking attack against Sony Pictures. However, this does not actually prove anything, as the hackers often share and sell code. Moreover, Lazarus was the target of a cross-industry initiative known as Operation Blockbuster earlier in 2016.
In the meantime, SWIFT has promised to improve its security after the recent hacks, with the group’s CEO offering up a new plan for change. He said that the banks could learn from one another about the modus operandi and introduce better preventative measures. Indeed, organizations like Swift can serve as the information sharing channel, and indicators of compromise could be developed to help the banks enhance their detective capabilities.
Monday, May 30th, 2016No comments
Most Popular Stories