|
FireEye, a U.S. cyber security company investigating the
February attack on Bangladesh's central bank in which hackers
stole $81 million, said there was no apparent connection with
the heist or related attacks on banks in Ecuador and Vietnam.
The identity of the hackers in all three cases is not known.
Cyber security experts say the attackers would have needed to
gather knowledge about bank procedures and systems, as well as
gain remote access to launch fraudulent transfer requests.
FireEye researchers said in a blog post that in early May they
had identified "a wave of emails containing malicious
attachments being sent to multiple banks in the Middle East."
The senders appeared to be "performing initial reconnaissance
against would-be targets" using techniques the researchers said
were not usually seen in such campaigns.
Qatar National Bank, the largest lender in the Middle East and
Africa by assets, said last month it was investigating an
apparent security breach of data posted online this week that
revealed the names and passwords of a large number of customers.
A FireEye spokesman said Qatar National Bank was not one of the
"several banks" in the Middle East where researchers had found
the malware. He did not identify which banks and which countries
were affected.
He said the malware had reported back to the hackers' servers,
indicating at least some of the banks had been infected.
Once opened, the malicious email attachments gather information
on the user's system, including network configuration data, user
and administration passwords and software running on the bank's
computers.
The security of banks and SWIFT messaging systems has come under
scrutiny in the wake of the Bangladesh Bank attack.
(Reporting By Jeremy Wagstaff; Editing by Raju Gopalakrishnan)
[© 2016 Thomson Reuters. All rights
reserved.] Copyright 2016 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
 |
|
