Russia’s central bank disclosed on Friday that hackers had made off with the equivalent of $6 million from a Russian bank last year by co-opting the banking industry’s global payments messaging system known as SWIFT, Reuters has reported.
The cyberattack at the unnamed bank took place at some point last year, according to the news wire, which cited a report drafted by the Bank of Russia on digital thefts in the country’s banking sector. Unknown hackers are said to have compromised an employee’s workstation before using SWIFT to transfer the funds to their own accounts.
Meanwhile in India, news broke yesterday that hackers had breached the systems of the country’s City Union Bank and attempted to purloin nearly $2 million in another theft that was carried out by using SWIFT as a channel for diverting the money. The extent of the damage is not entirely clear at this point, but it appears that at least two out of the three “unauthorized remittances to lenders overseas” were foiled at some stage.
A different kind of bank job
The two heists are the latest in a series of thefts co-opting SWIFT, a system that handles transfers of trillions of dollars between banks each day. They are also the latest additions to the list of cyber-robberies in Russia and India in the past few years.
As recently as December 2017, it emerged that hackers had attempted to siphon off nearly $1 million from Russian state-run bank Globex by funneling the money away via fraudulent SWIFT transactions. The robbery was largely thwarted, however, and only $100,000 is believed to have been stolen. The year 2016, meanwhile, saw the thefts of $31 million in total from accounts at Russia’s central bank and commercial banks.
ESET researchers noted in 2016 that Russian banks are ever more frequently on the receiving end of attempted cyberattacks, including those targeting their SWIFT terminals.
Meanwhile, an official at Union Bank of India acted just in time in July 2016 to retrieve $171 million that had been pilfered from the bank following a security breach. This hack is said to be reminiscent of a particularly brazen bank cyber-heist from February 2016, in which hackers successfully pilfered $81 million from the account of the central bank of Bangladesh at the Federal Reserve Bank of New York.
Having compromised the computer systems of the Bank of Bangladesh with malware, the hackers obtained the bank’s SWIFT credentials and used them for a string of fraudulent wire-transfer orders. The first four went through, but the fifth failed – due to something as mundane as a misspelled word in the order. This prompted some double-checks and eventually proved enough to block some 30 faux orders worth a combined $850-$870 million. In the aftermath of the attack, SWIFT announced measures intended to keep cyberattacks at bay and repeatedly urged banks worldwide to beef up security.
Other hacking campaigns have been more successful, however. It was reported in February 2015 that an APT group known as Carbanak successfully deployed malware to siphon off up to $1 billion from some 100 financial institutions worldwide in two years.
written by Tomas Foltyn, ESET We Live Security