A bank robbery has always been about stealing money, isn’t it? Whenever we hear news of bank robberies, all we imagine are paper notes that vanish in bulk. As technology is advancing, so are banks and unfortunately, so are the robbers. Bangladesh Central Bank recently fell prey to a robbery in which the bank lost $81 million.
As if that wasn’t enough, robbers also hacked into SWIFT payment system’s software. Confirming the news of Bangladesh Central Bank hack, Natasha Deteran, SWIFT’s spokeswoman told Reuters that the company is “aware of malware targeting its client software”. As a preventive measure, the software will now be updated. Deteran said that a software update will be issued to “to assist customers in enhancing their security and to spot inconsistencies in their local database records.” She further added that “the malware has no impact on SWIFT’s network or core messaging services.”
What is this malware that has been used by the robbers during Bangladesh Central Bank robbery to hack the SWIFT payment system? evtdiag.exe is the malware used by the criminals to “change records on SWIFT databases in order to hide what they were up to,” reported Gizmodo. The report further added that “the criminals could delete records of transfer requests, intercept messages about payments and manipulate the displayed account balances to cover their tracks.” Experts believe that the software was designed specially to break SWIFT’s payment system but could also be used elsewhere. Adrian Nish from BAE Systems while speaking to Reuters said that “it was one of the most elaborate malware hacks he’d ever come across,” as per Gizmodo’s report.
Wait! Even though the SWIFT system has been hacked, not everyone’s account is at risk because the criminals have attacked only Alliance Access, a specific SWIFT software piece. Not all the banks and financial institutions that rely on this payment system have been hacked.