Vietnamese bank reports another hacker attack on SWIFT money transfer system
Vietnam's Tien Phong Bank told Reuters it had thwarted an attempted cyber heist that used fraudulent SWIFT messages. The technique was similar to February’s massive breach at the Bangladesh central bank.
According to the media, an attempted malware attack on the Hanoi-based TPBank occurred in late 2015. The hackers tried to transfer more than $1.1 million of funds.
The bank said it intercepted the attempt quickly, immediately contacting the parties involved.
The attack "did not cause any losses. It had no impact on the SWIFT system in particular and the transaction system between the bank and customers in general," TPBank said in a statement in response to inquiries from Reuters.
Transfers were being made using an outside vendor’s infrastructure. The Vietnamese bank didn’t reveal the name of the service provider, saying it had stopped working with them and switched to using a new system from SWIFT that offers a higher level of security.
In April, SWIFT released a security update for the software that 11,000 financial institutions use to access its network.
It followed an incident when SWIFT was apparently compromised in an $81-million cyber heist from the US Federal Reserve account of the Bangladesh central bank. Attackers attempted to transfer nearly $1 billion out of the bank’s account.
A note to SWIFT customers said the attackers obtained valid computer credentials for operators to authorize, create and approve SWIFT messages.The criminals then submitted fraudulent messages by impersonating those people.
This month, SWIFT (global provider of money transfer services) warned of a second cyber attack case, which could have affected at least one other financial institution.
Without naming the new targets, SWIFT said intruders had managed to bypass risk controls potentially exposing the system to the possibility of illegal money transfers.