spokeswoman Natasha Deteran said that
released a software update to thwart the
malware, along with a special warning for financial institutions to inspect
their security procedures.
group said its network and core messaging services were not affected.
“Swift is aware of a number of recent cyber incidents in which malicious
insiders or external attackers have managed to submit Swift messages from
financial institutions’ back offices, PCs or workstations connected to their
local interface to the Swift network,” the group warned customers.
post on malware that thieves used to cover their tracks and delay discovery of
The blog said that, “This malware appears to be just part of a wider
attack toolkit and would have been used to cover the attackers’ tracks as they
sent forged payment instructions to make the transfers.”
BAE said it could not explain how the fraudulent orders were created and
pushed through the system.
The cyber criminals tried to make fraudulent transfers totaling $951 million
from the Bangladesh central bank’s account at the Federal Reserve Bank of New
York in February.