Vietnam bank a second SWIFT fraud target
A second bank in Asia has had payments messages over the SWIFT payments messaging network compromised, if further analysis by BAE Systems is correct.BAE on Friday cited "a commercial bank in Vietnam", which it did not otherwise name, as having been "targeted in a similar fashion using tailored malware, but based off a common code-base."Bangladesh's central bank had around US$81 million stolen by an as yet unidentified criminal or hacking network, with theories now abounding in international media that they had cooperation on the inside to pull off the heist.BAE said it identified "an additional sample" of code corresponding to that used in the Bangladesh theft. This new sample dates from early March.The security researchers at BAE speculated that the endeavour relates to "a wider known campaign stretching back almost a decade."A report in the New York Times linked this insight to "the possibility that groups from Pakistan and North Korea may have been spying on the bank" adding that the attacks held "striking similarities [with] the attack on Sony Pictures in 2014."BAE concluded that, in the case of the targeting of the two Asian banks, "the same coder is central to these attacks."