Bank of Valetta, which went dark for a day after the fraudulent transfers of €13 million, is now looking to get the money back.
Things are getting back to normal for Bank of Valetta (BOV) and its customers following a cyberattack that caused Malta’s largest bank to take the unprecedented step of temporarily shutting down all its services.
On Wednesday morning, BOV found out that unknown attackers had made fraudulent transactions from the bank to financial services providers in the United States, the United Kingdom, the Czech Republic, and Hong Kong. The heist, of around €13 million (US$14.6 million), even prompted a reaction from Malta’s Prime Minister Joseph Muscat, who said that customer funds were not touched and, indeed, were never in danger.
The theft came to light “during reconciliation of international transactions when discrepancies in eleven payments were noticed”, wrote The Times of Malta. Shortly thereafter, BOV was alerted by the country’s Security Service that the bank had been targeted by a cyberattack originating from outside the Mediterranean island.
It has been reported that, within 30 minutes after learning that something was amiss, the bank suspended its services and began to work on retrieving the funds. Naturally, the incident also prompted what the bank has called “rigorous overnight testing” of its IT systems. With the tests deemed successful, the bank restored most of its systems and services on Thursday, as well as its website and mobile app, and re-opened office branches and ATMs.
According to Reuters, the bank has also yet to determine where the intrusion came from and how it happened. Besides other unknowns surrounding the attack, another question has yet to be answered: Where’s the money and, indeed, will it be retrieved?
In their latest coverage, local media quote the bank’s chief business development officer Kenneth Farrugia as implying that while the money has been traced, its recovery is a different thing altogether.
“We know where the money went and into which banks but what happened at that touchpoint we do not have the visibility to know,” said Farrugia for The Times of Malta. “It’s not simply a matter of asking the banks for the money to be reversed. It does not work like that and there are banking procedures that have to be implemented,” he added, without shedding light on whether all the money will, or even can, actually be retrieved.
Per Reuters, BOV accounts for nearly one-half of Malta’s banking transactions. Most shares in the financial services provider, which is also Malta’s oldest, are held by the country’s government.
Cyberheists are nothing new, of course, and we have previously written about thefts targeting banks in Bangladesh, India and Russia, and Mexico. In 2016, ESET researchers Anton Cherepanov and Jean-Ian Boutin wrote a paper about attacks at Russian financial institutions while, in 2018, ESET researcher Miguel Ángel Mendoza weighed in on the theft in Mexico.
We also wrote last year about how US banks are preparing for a scenario involving a particularly devastating cyber-intrusion.
written by Tomas Foltyn, ESET We Live Security