The cyber criminals who stole US$81 million from the Bangladesh central bank probably hacked into the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial platform, a cooperative owned by 3,000 financial institutions, according to a Reuters report.
Reuters says SWIFT was aware of malware targeting its client software and, thus, would release a software update to thwart the malware, along with a warning for financial institutions “to assist customers in enhancing their security and to spot inconsistencies in their local database records,” according to SWIFT spokeswoman Natasha Deteran.
The software update and warning from SWIFT come after researchers at BAE Systems told Reuters they believe they discovered malware that the Bangladesh Bank attackers used to manipulate SWIFT's Alliance Access client software. Reuters says BAE plans to publish in a blog post on Monday about its findings concerning the malware.
The cyber criminals tried to make fraudulent transfers totaling US$951 million from the Bangladesh central bank's account at the Federal Reserve Bank of New York in February.
Most of the payments were blocked, but US$81 million was routed to accounts in the Philippines and diverted to casinos there. Most of those funds remain missing.