Another victim of SWIFT attackers, they steal $10 million from a Ukrainian bank

Experts from the ISACA organization confirmed that SWIFT hackers have stolen $10 million from a Ukrainian bank through SWIFT system.

It is happened again, unknown hackers have stolen $10 million from an unnamed Ukrainian bank through SWIFT loophole. The news was spread by the Kyiv branch of ISACA, the Information Systems Audit and Control Association, that confirmed the fraudulent activity was carried on through the SWIFT international banking system that manages money transfers between financial institutions worldwide.

Ukrainian experts, members of the ISACA Kyiv, were hired through their consulting organizations to investigate the cyber attack, it seems that dozen of banks have been compromised too, resulting in hundreds of millions of dollar losses.

“At the current moment, dozens of banks (mostly in Ukraine and Russia) have been compromised, from which has been stolen hundreds of millions of dollars,” the ISACA reported in a press release cited by the Ukranian kyivpost.com.

The experts involved in the investigation confirmed that attacks like the one they are investigating are very time-consuming, attackers breach the financial institution’s internal networks for months in order to gather information necessary to the attack. The reconnaissance phase allows them to study the internal processes and controls implemented by the bank, the gathered data are then used to perform fraudulent money transfers.

The SWIFT logo is pictured in this photo illustration taken April 26, 2016. REUTERS/Carlo Allegri/Illustration/File Photo

According to the experts from ISACA, the cyber criminals used publicly available information and tools steal money from the Ukrainian Bank, they likely targeted other financial institutions in the country benefiting from the lack of information sharing about the attacks.

“Banks now are not sharing such information at all and are afraid of publicity,” explained Aleksey Yankovsky, head of ISACA’s Kyiv division.

Exactly one month ago, a fourth Bank in the Philippines was a victim of the SWIFT hackers and experts at Symantec confirmed the malware shares code with tools used by the Lazarus group.

In May, the media also announced the second and the third victim of SWIF hackers, meanwhile the first attack went public in February when hackers stole $81 Million from the Bangladesh central bank.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – SWIFT hackers, Bangladesh attack)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.