SWIFT hackers linked to Sony attack

  • 27/05/2016
SWIFT hackers linked to Sony attack

Hackers who stole US$81 million (NZ$120.07 million) from Bangladesh's central bank have been linked to another cyber-attack, this time on a bank in the Philippines. This is in addition to the 2014 hack on Sony Pictures Entertainment, cyber security company Symantec Corp says.

If confirmed, the Philippines incident would represent the fourth known cyber-attack against a bank involving fraudulent SWIFT messages.

SWIFT, as the Society for Worldwide Interbank Financial Telecommunication is known, this week urged banks to bolster their security, saying it was aware of multiple attacks.

Banks use secure SWIFT messages for issuing payment instructions to each other.

Symantec said in a blog post on Thursday it had identified three pieces of malware that were used in limited targeted attacks against financial institutions in Southeast Asia.

Symantec said the attackers were able to infiltrate the bank's computers but there was no evidence of money being stolen.

One of the malicious programs has been previously associated with a hacking group known as Lazarus, which has been linked to the devastating attack on Sony's Hollywood studio in 2014. The US government publicly blamed the Sony hack on North Korea.

The emergence of new possible instances of compromise is not entirely surprising as banks conduct more reviews, SWIFT spokeswoman Natasha de Teran said.

"Many may turn out to be false positives, and or have nothing to do with SWIFT messages, but it is key that these reviews take place and banks' environments are secured," she added.