Hackers who stole $eighty one million from Bangladesh’s significant financial institution have been related to an assault on a financial institution inside the Philippines, similarly to the 2014 hack on Sony photographs, cybersecurity corporation Symantec nation-state in a weblog publish.
The U.S. Federal Bureau of investigation has blamed North Korea for the assault on Sony’s Hollywood studio.
A senior executive at Mandiant, the cyber-protection corporation investigating the financial institution Bangladesh heist, additionally instructed Reuters the hackers had these days penetrated banks in Southeast Asia.
within the blog publish posted on Thursday, Symantec did not call the Philippines financial institution or say whether any money was stolen, however nation-statedgeographical region the assaults might be traced lower back to October closing 12 months. It did now not become aware of the hackers.
The Philippines valuable financial institution’s deputy governor, Nestor Espenilla, informed Reuters that no bank in the country had misplaced money to hackers, despite the fact that he did now not rule out the possibility of cyber assaults.
“we’re checking if there are similar attacks on Philippine banks,” Espenilla said. “but, no said losses to date.”
He introduced: “it is one component to be attacked. it’s miles every other to lose money.”
Marshall Heilman, vice chairman for Mandiant, part of U.S.-primarily based FireEye, said it became not known whether any cash was lost within the different assaults he defined or whether or not the hackers have been effectively blocked.
“there’s a group running in Southeast Asia that surely is familiar with the bank industry and is at multiple location,” he said.
Heilman declined to become aware of the u . s . a . or international locations, or the institutions attacked. He nationgeographical region it became the same institution as the one concerned within the bank Bangladesh theft and that the attacks had been current, but declined to be more precise.
vital banks some place else in Southeast Asia – Singapore, Indonesia, Brunei, Myanmar, Laos, Cambodia, Vietnam, Thailand and East Timor – have declined comment or denied know-how of any other breaches.
There were at least four recognised cyber assaults against a bank related to fraudulent messages at the quick bills network, one dating returned to 2013. swift, the Society for worldwide Interbank financial Telecommunication, entreated banks this week to bolster their safety, announcing it became aware about multiple assaults.
Banks round the sector use comfortable swift messages for issuing fee commands to every other.
fast nation-state earlier this week that February’s Bangladesh bank hack changed into a “watershed event for the banking enterprise” and that it was “now not an isolated incident.”
Spokeswoman Natasha de Teran countryside on Thursday that speedy turned into “actively looking into different feasible instances of such fraud,” but might no longer comment on individual entities.
Symantec said it had recognized 3 portions of malware that had been used in restricted targeted assaults towards economic establishments in Southeast Asia.
one of the malicious applications has been formerly associated with a hacking group known as Lazarus, which has been connected to the devastating attack on Sony’s Hollywood studio in 2014.
“there may be a pretty hard connection now to the Sony assaults and the actor at the back of them” and the Bangladesh heist, Eric Chien, technical director at Symantec, countryside in an interview.
some other cyber-safety company, BAE systems, countryside this month that the specific pc code used to erase the tracks of hackers inside the Bangladesh financial institution heist turned into similar to code used to assault Sony.
Chien nationgeographical region that if North Korea turned into accountable for the hacks on banks via the quick messaging community it might constitute the primary known episode of a 560179ae0c6aead3856ae90512a83d3a stealing cash in a cyber-attack.
Policymakers, regulators and financial establishments round the arena are stepping up scrutiny of the cyber-safety of the quick payments device after hackers used it to make fraudulent transfers totalling $eighty one million out of bank Bangladesh’s account at the Federal Reserve bank of recent York.
Symantec and different researchers have also related the hack to a failed try to use fraudulent speedy messages to scouse borrow from a business bank in Vietnam.
further, Reuters stated final week that Ecuador’s Banco del Austro had more than $12 million stolen from a Wells Fargo account due to fraudulent transfers over the fast network.
Bangladesh police also are reviewing a almost-forgotten 2013 cyber-heist at the country’s biggest business financial institution, Sonali bank, for connections to the principal financial institution heist, a senior regulation enforcement official informed Reuters. The unsolved theft of $250,000 at Sonali financial institution also involved fraudulent switch requests despatched over the fast network.