Hacked: Hacking Finance

Bangladesh Bank Hackers Exploited SWIFT Client Software with Malware


Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.



This article was posted on Monday, 15:36, UTC.

The yet-unknown hackers who made away with $81 million from the Bangladesh Central bank’s New York Federal Reserve account have, according to a new Reuters report, used malware to hack into the SWIFT financial platform’s client software used by banks and financial institutions around the world.


The Society for Worldwide Interbank Financial Telecommunication (SWIFT), the interbank system that facilitates transactions and interactions between banks and financial institutions globally, may have been compromised by the hackers behind the Bangladesh Central bank heist, according to security researchers at BAE Systems, a British defense contractor.

The new revelation underlines the significance of the Bangladesh Bank heist and the security risks that come with a vulnerability in a system that provides the framework and technology powering the global financial industry.

Speaking to the publication, a spokesperson for SWIFT confirmed that the co-operative is aware of malware affecting its client software. SWIFT is gearing up to release a software update on Monday to patch the vulnerability. The update will also come with a warning urging financial institutions and banks around the world to scrutinize their security practices.


The software update will “assist customers in enhancing their security and to spot inconsistencies in their local database records,” the SWIFT spokesperson stated. She insisted that the malware had no impact on SWIFT’s core messaging services nor its network itself.

An Unprecedented Detail in Malware

Security firm BAE’s head of threat intelligence, Adrian Nish, revealed the unprecedented scale of the elaborate scheme deployed by criminal hackers for the Bangladesh central bank hack.

I can’t think of a case where we have seen a criminal go to the level of effort to customize it [the malware] for the environment they were operating in. I guess it was the realization that the potential payoff made that effort worthwhile.

Researchers at BAE discovered the malware executable in a malware repository; they did not directly analyze the infected servers. These repositories receive millions of new samples every day from various agencies, businesses and individuals who upload malware samples as submissions.

The malware used in the attack was compiled around the date of the heist and contained detailed information about the Bangladesh Central bank’s operations from within the country.

The malware was designed to make a small change to the code of the Access Alliance software, the client software deployed by SWIFT. This gave hackers the ability to tweak a database that fundamentally logged the bank’s activity over the SWIFT network.

After exploiting the vulnerability, the malware could then delete records of all outgoing transfer requests from the database. Beyond such capabilities, the malware could also intercept incoming messages confirming the transfers ordered by the hackers.

The detail of the heist was such that the malware also manipulated account balances in logs to prevent the heist from being detected. Furthermore, a printer within the bank was manipulated to produce hard copies of transfer requests to throw off the bank’s initial investigation into the heist.
