"Bangladesh Bank exposed to hackers by cheap switches, no firewall ..." "Bangladesh's central bank was vulnerable to hackers because it did not have a firewall and used second-hand, $10 switches to network computers connected to the SWIFT global payment network, an investigator into one of the world's biggest cyber heists said...." http://www.reuters.com/article/us-usa-fed-bangladesh-idUSKCN0XI1UO
So basically every grandma and grandpa has better network security than their central bank... @hawki: your avatar shows great reaction to this news
Second-Hand Switches, No Firewall, Custom Malware Facilitated Bank Cyber-Heist http://news.softpedia.com/news/seco...are-facilitated-bank-cyber-heist-503388.shtml
"Malware attacks on two banks have links with 2014 Sony Pictures hack Security researchers have found a long chain of coding coincidences linking attempted fraud over the SWIFT network to the 2014 Sony Pictures hack" http://www.pcworld.com/article/3069...-2014-sony-pictures-hack.html#tk.rss_security "Security researchers at BAE Systems believe the same hackers who breached Sony Pictures in 2014 were involved in the $81m heist from Bangladesh Bank." http://www.zdnet.com/article/sony-2014-breach-linked-to-81m-bangladesh-bank-cyber-heist/ If indeed a North Korea-sponsored unit was responsible for the Sony attack, as many believe, this has terrifying implications. North Korea sniffing out an economic weapon of mass destruction.
"Is North Korea behind the £81m Bangladesh bank cyber-heist?" "....The BAE report, titled Cyber Heist Attribution, claims what initially appeared to be an isolated attack against one bank has turned out to be larger in scope than previously thought... ..according to BAE, other malware similarities exist in the Bangladesh hack example, including with the encryption keys used and a number of names of programming elements known as "mutual exclusion objects". "The links come through the code, which bears the hallmarks of a single, consistent coder," said Adrian Nish, BAE's head of threat intelligence. The malware analysed that links the two incidents is called "msoutc.exe" and, according to BAE, matches the strain described by a US CERT alert in 2015 which warned about malware used in the Sony cyber-hit..." http://www.ibtimes.co.uk/north-korea-behind-81m-bangladesh-bank-cyber-heist-1559949
"..In both cases Swift said insiders or cyber attackers had succeeded in penetrating the targeted banks’ systems, obtaining user credentials and submitting fraudulent Swift messages that correspond with transfers of money... In the second case SWIFT said attackers had also used a kind of malware called a “Trojan PDF reader” to manipulate PDF reports confirming the messages in order to hide their tracks..." https://www.theguardian.com/technol...it-by-sophisticated-malware-attack-says-swift The attack vector in the second attack was a PDF Reader used by the customer to check its statement messages. http://www.cnet.com/uk/news/cyber-t...acking-same-swift-financial-messaging-system/ "“The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks –- knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both.” http://www.bloomberg.com/news/artic...-hacker-attack-on-bank-after-bangladesh-heist
Swift Is Hacked Again. The Bitcoin/Blockchain Fat Lady Sings. http://seekingalpha.com/article/3975082-swift-hacked-bitcoin-blockchain-fat-lady-sings
Bravo for the Bank's detecting $1.13 million that had been fraudulently stolen through SWIFT Transfers. Funny. They do not mention that the total theft was of $12 million USD. http://www.zerohedge.com/news/2016-...r-major-cyberheist-secure-global-payments-sys
"Another 12 banks linked to the SWIFT attack Earlier reports of a couple of banks using the SWIFT (Society for Worldwide Interbank Financial Telecommunication) system being hacked are now paired with new reports saying that additional 12 banks using the same system might have fallen victim to the attack...." http://www.itproportal.com/2016/05/30/another-12-banks-linked-to-the-swift-attack/