Looks like the Bangladesh Bank $80 million hack has opened up a pandora’s box for Swift, the global interbank transaction gateway. Cyber-criminals stole about $12 million from an Ecuador bank in a 2015 heist which is similar to the latest $80 million Bangladesh Bank and Vietnamese bank hack.
After the Bangladesh Bank hack, Swift authorities went on record to say that there was nothing wrong with the interbank gateway. However, as the investigations into Bangladesh Bank progressed it became clear that the hackers who were after $1 billion in deposits, used Swift vulnerabilities for the hack.
Now a Ecuador bank says that it was hacked similarly in 2015 and the hackers managed to steal $12 million in that attack. Banco del Austro SA said in a lawsuit filed in New York against Wells Fargo & Co. that hackers got access to the codes the bank uses to move money via Swift, the global interbank network, and used them to transfer funds from the U.S. bank.
Though the attack happened more than 15 months ago, a Swift spokeswoman told Reuters that the firm had only just found out about it, suggesting banks have not been sharing details of such attacks with the cooperative. A Wells Fargo representative did not immediately return a call seeking comment.
Another Swift hack victim, the Vietnam’s Tien Phong Commercial Joint Stock Bank, known as TPBank, informed the country’s regulators this week that it had fended off a fraudulent transfer request late last year for more than 1 million euros ($1.1 million) that came through a third-party service that the bank used to connect to the Swift system.
The spate of banking hack attacks have sparked concerns within global banks, some of which are pressing Swift to shore up security at its 11,000 members.
“We specifically remind all users to respect their obligations to immediately inform Swift of any suspected fraudulent use of their institution’s Swift connectivity,” the firm said Friday in a statement. “We are currently working to further reinforce our support to customers in securing their access to the Swift network.”
No comments: