Content, Breach

Cyber Gangsters Pilfered $6 Million From Russian Bank Using Bogus SWIFT Money Transfer

Cyber gangsters reportedly stole nearly 340 million rubles, or $6 million, from a Russian bank last year in yet another lucrative digital heist, a new report disclosed. The Russian central bank confirmed the crime on Friday, Reuters said.

It is the latest in a series of cyber bank robberies targeting the Belgium-based SWIFT (Society for Worldwide Interbank Financial Telecommunication) messaging network with bogus wire transfer requests. In this burglary, hackers apparently took control of a computer at an unnamed Russian bank and used the SWIFT system to transfer the money to their own accounts.

Information on the successful robbery was apparently found in a central bank document on digital thefts in the Russian financial industry. The financial institution said it had been sent information about “one successful attack on the workplace of a SWIFT system operator” amounting to 339.5 million rubles, Reuters reported. Neither SWIFT nor the central bank offered details on the attack as is the former’s policy. SWIFT has consistently maintained that its systems have never been hit by cyber attackers.

Still, SWIFT levered attacks have become more prominent (and public) despite its reluctance to provide any information on cyber chicanery hitting institutions using the network. In early December, word surfaced that Russia-tied hackers, dubbed MoneyTaker, quietly stole up to $10 million from global banks in the last 18 months, including $8 million from the U.S., while maneuvering without detection. Part of the gang’s tactics involved pilfered documents from the SWIFT network.

In late December, cyber crooks reportedly tried to steal $940,000, or 55 million rubles, from the Russian state bank Globex, again using SWIFT to pass bogus wire-transfers. In the most notable of SWIFT attacks, in February, 2016, hackers walked away with $81 million from Bangladesh’s central bank using designer malware that enabled them to delete outgoing transfer requests and intercept incoming requests to move funds through the messaging network. And, in October, 2017, hackers stole $60 million from the Far Eastern International Bank in Taiwan by gaining access to its SWIFT terminal.

Why is SWIFT such an appealing hacker target? The system is used to transfer trillions of dollars every day between banks. The majority of international inter-bank messages use the SWIFT network, spanning more than 11,000 financial institutions in 200 countries exchanging some five billion financial messages a year, according to the organization’s website. SWIFT sends payment orders but doesn’t facilitate funds. Owing to the sheer volume and sensitivity of information it handles, it’s a hot spot for bad actors.

D. Howard Kass

D. Howard Kass is a contributing editor to MSSP Alert. He brings a career in journalism and market research to the role. He has served as CRN News Editor, Dataquest Channel Analyst, and West Coast Senior Contributing Editor at Channelnomics. As the CEO of The Viewpoint Group, he led groundbreaking market research.