Hackers steal $60 million from Taiwanese bank using bespoke malware
Last week, a hacking gang abused the SWIFT banking network to steal $60 million after planting malware on a Taiwanese bank’s servers.
The Far Eastern International Bank has confirmed that malware had been found on its computer systems, affecting PCs and servers, as well as its SWIFT terminal.
SWIFT (the Society for Worldwide Interbank Financial Telecommunications) is the system that allows banks to send money securely to each other around the world.
In the last few years, hacking groups have targeted banks’ usage of SWIFT to attempt to steal large amounts of money – perhaps most notoriously, in February 2016 hackers attempted to steal $951 million from a Bangladesh bank to accounts in the Philippines.
In this most recent Far Eastern case, malware under the control of the hackers was able to instruct the SWIFT terminal to move $60 million worth of funds into bank accounts based in Sri Lanka, Cambodia, and the United States.
According to banking bureau deputy director Sherri Chuang, Far Eastern Bank has recovered $57 million that had been wired to Cambodia, $1 million sent to the United States, and $1.6 million sent to Sri Lanka.
From the sound of things, SWIFT tools introduced in the wake of a spate of attacks on the banking system appear to have helped detect the unusual patterns of behaviour, and all but $500,000 of the stolen funds have now been recovered.
Two arrests have been made in Sri Lanka related to the attack on the Taiwanese bank, while another suspect remains at large.
Curiously, as the Colombo Gazette reports, one of those arrested is Shalila Moonesinghe, chairman of Sri Lanka’s state-owned Litro Gas, the country’s largest importer and supplier of LP Gas.
Local police arrested Moonesinghe after $1.1 million stolen in the heist was allegedly found in his personal bank account.
As I’ve stressed before – more needs to be done to prevent the fraudulent movement by hackers of stolen funds targeting bank systems. Not only are there concerns about the huge amount of money involved, but also the damage that can be done to the general public’s trust in the banking system if they continue to read headlines of security failures.
Further reading: 5 Actionable Steps We Can Learn from the SWIFT Banking Attacks
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.