Another victim of SWIFT attackers, they steal $10 million from a Ukrainian bank

Pierluigi Paganini June 27, 2016

Experts from the ISACA organization confirmed that SWIFT hackers have stolen $10 million from a Ukrainian bank through SWIFT system.

It is happened again, unknown hackers have stolen $10 million from an unnamed Ukrainian bank through SWIFT loophole. The news was spread by the Kyiv branch of ISACA, the Information Systems Audit and Control Association, that confirmed the fraudulent activity was carried on through the SWIFT international banking system that manages money transfers between financial institutions worldwide.

Ukrainian experts, members of the ISACA Kyiv, were hired through their consulting organizations to investigate the cyber attack, it seems that dozen of banks have been compromised too, resulting in hundreds of millions of dollar losses.

“At the current moment, dozens of banks (mostly in Ukraine and Russia) have been compromised, from which has been stolen hundreds of millions of dollars,” the ISACA reported in a press release cited by the Ukranian kyivpost.com.

The experts involved in the investigation confirmed that attacks like the one they are investigating are very time-consuming, attackers breach the financial institution’s internal networks for months in order to gather information necessary to the attack. The reconnaissance phase allows them to study the internal processes and controls implemented by the bank, the gathered data are then used to perform fraudulent money transfers.

The SWIFT logo is pictured in this photo illustration taken April 26, 2016. REUTERS/Carlo Allegri/Illustration/File Photo

The SWIFT logo is pictured in this photo illustration taken April 26, 2016. REUTERS/Carlo Allegri/Illustration/File Photo

According to the experts from ISACA, the cyber criminals used publicly available information and tools steal money from the Ukrainian Bank, they likely targeted other financial institutions in the country benefiting from the lack of information sharing about the attacks.

“Banks now are not sharing such information at all and are afraid of publicity,” explained Aleksey Yankovsky, head of ISACA’s Kyiv division.

Exactly one month ago, a fourth Bank in the Philippines was a victim of the SWIFT hackers and experts at Symantec confirmed the malware shares code with tools used by the Lazarus group.

In May, the media also announced the second and the third victim of SWIF hackers, meanwhile the first attack went public in February when hackers stole $81 Million from the Bangladesh central bank.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – SWIFT hackers, Bangladesh attack)



you might also like

leave a comment