« previous next »
Pages: 1   Go Down

Author Topic: Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist  (Read 834 times)

islander

  • SUPREME COURT
  • THE LEGEND
  • *****
  • Posts: 46867
  • If you're from Pluto, you're welcome.
    • View Profile
    • Book Your Travel Tickets
Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist
« on: March 19, 2016, 02:07:25 PM »

Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist

by Arun Devnath 
Michael Riley
MichaelRileyDC
March 19, 2016

-Interim investigation report doesn't name possible suspects
-Attackers logged in for short periods from Jan. 24 to Feb. 6

Hackers who stole $101 million from Bangladesh’s central bank stalked its computer systems for almost two weeks beforehand, according to an interim investigation report seen by Bloomberg.

Prepared for Bangladesh Bank by cyber security firms FireEye Inc. and World Informatix, the assessment offers a tantalizing glimpse into how cyber criminals can use banks’ own systems against them. The cyber companies say the thieves deployed malware on servers housed at the central bank to make payments seem genuine.

The report cast the unidentified hackers as a sophisticated group who sought to cover their tracks by deleting computer logs as they went. Before making transfers they sneaked through the network, inserting software that would allow re-entry.

Linkback: https://tubagbohol.mikeligalig.com/index.php?topic=82058.0
Logged
Republic Act 8485 (Animal Welfare Act of 1998, Philippines), as amended and strengthened by House  Bill 6893 of 2013--- violation means a maximum of P250,000 fine with a corresponding three-year jail term and a minimum of P30,000 fine and six months imprisonment

Book your travel tickets anywhere in the world, go to www.12go.co
unionbank online loan application low interest, credit card, easy and fast approval

islander

  • SUPREME COURT
  • THE LEGEND
  • *****
  • Posts: 46867
  • If you're from Pluto, you're welcome.
    • View Profile
    • Book Your Travel Tickets
Re: Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist
« Reply #1 on: March 19, 2016, 02:08:24 PM »

It’s the sort of thorough operation often mounted by nation-state hackers, according to the report, but FireEye’s intelligence unit believes the group, which it has been tracking for some time, is criminal. "These threat actors appear to be financially motivated, and well organized," the report said.

The heist, which saw payments processed through the bank’s accounts at the U.S. Federal Reserve and money moved to the Philippines and Sri Lanka, was part of a bigger attempt to steal nearly $1 billion in total from the central bank. It exposed weaknesses in systems, sparked a dispute between Bangladesh’s central bank and its finance ministry and cost the central bank governor his job less than five months before he planned to retire.

Linkback: https://tubagbohol.mikeligalig.com/index.php?topic=82058.0
Logged
Republic Act 8485 (Animal Welfare Act of 1998, Philippines), as amended and strengthened by House  Bill 6893 of 2013--- violation means a maximum of P250,000 fine with a corresponding three-year jail term and a minimum of P30,000 fine and six months imprisonment

Book your travel tickets anywhere in the world, go to www.12go.co

islander

  • SUPREME COURT
  • THE LEGEND
  • *****
  • Posts: 46867
  • If you're from Pluto, you're welcome.
    • View Profile
    • Book Your Travel Tickets
Re: Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist
« Reply #2 on: March 19, 2016, 02:09:45 PM »

Fed Accounts

The hackers sent $81 million from Bangladesh Bank’s account in New York to the Philippines, and another $20 million to Sri Lanka. The Federal Reserve Bank of New York blocked transactions worth another $850 million. A bank in Sri Lanka stopped and returned the cash, while the money in the Philippines is still missing, leading to a Senate probe that is riveting the nation.

"Malware was specifically designed for a targeted attack on Bangladesh Bank to operate on SWIFT Alliance Access servers," the interim report said. Those servers are operated by the bank but run the SWIFT interface, and the report makes it clear the breach stretches into other parts of the bank’s network as well. "The security breach of the SWIFT environment is part of a much larger breach that is currently under investigation."

Linkback: https://tubagbohol.mikeligalig.com/index.php?topic=82058.0
Logged
Republic Act 8485 (Animal Welfare Act of 1998, Philippines), as amended and strengthened by House  Bill 6893 of 2013--- violation means a maximum of P250,000 fine with a corresponding three-year jail term and a minimum of P30,000 fine and six months imprisonment

Book your travel tickets anywhere in the world, go to www.12go.co
unionbank online loan application low interest, credit card, easy and fast approval

islander

  • SUPREME COURT
  • THE LEGEND
  • *****
  • Posts: 46867
  • If you're from Pluto, you're welcome.
    • View Profile
    • Book Your Travel Tickets
Re: Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist
« Reply #3 on: March 19, 2016, 02:10:41 PM »

SWIFT Codes

SWIFT is a member-owned cooperative that provides international codes to facilitate payments between banks globally. It can’t comment on the investigation, according to Charlie Booth from Brunswick Group, a corporate advisory firm that represents SWIFT.

“We reiterate that the SWIFT network itself was not breached,” Booth said in an e-mail. “There is a full investigation underway, on what appears to be a specific and targeted attack on the victim’s local systems.” SWIFT said last week its "core messaging services were not impacted by the issue and continued to work as normal."

Dedicated servers running the SWIFT system are located in the back office of the Accounts and Budgeting Department of Bangladesh Bank. They are connected with three terminals for payment communications.

Linkback: https://tubagbohol.mikeligalig.com/index.php?topic=82058.0
Logged
Republic Act 8485 (Animal Welfare Act of 1998, Philippines), as amended and strengthened by House  Bill 6893 of 2013--- violation means a maximum of P250,000 fine with a corresponding three-year jail term and a minimum of P30,000 fine and six months imprisonment

Book your travel tickets anywhere in the world, go to www.12go.co

islander

  • SUPREME COURT
  • THE LEGEND
  • *****
  • Posts: 46867
  • If you're from Pluto, you're welcome.
    • View Profile
    • Book Your Travel Tickets
Re: Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist
« Reply #4 on: March 19, 2016, 02:12:27 PM »

Brief Log-Ins

Patrick Neighorn, a spokesman for FireEye, declined to comment on the report or the investigation. An e-mail to Rakesh Asthana, managing director of World Informatix, wasn’t immediately returned. A call to the company’s office wasn’t answered. Subhankar Saha, spokesman for Bangladesh Bank, said he’s not aware of the report.

The assessment found the first suspicious log-in came on Jan. 24 and lasted less than a minute. On Jan. 29, attackers installed “SysMon in SWIFTLIVE" in what was interpreted as reconnaissance activity, and appeared to operate exclusively with “local administrator accounts.”

Linkback: https://tubagbohol.mikeligalig.com/index.php?topic=82058.0
Logged
Republic Act 8485 (Animal Welfare Act of 1998, Philippines), as amended and strengthened by House  Bill 6893 of 2013--- violation means a maximum of P250,000 fine with a corresponding three-year jail term and a minimum of P30,000 fine and six months imprisonment

Book your travel tickets anywhere in the world, go to www.12go.co

islander

  • SUPREME COURT
  • THE LEGEND
  • *****
  • Posts: 46867
  • If you're from Pluto, you're welcome.
    • View Profile
    • Book Your Travel Tickets
Re: Hackers Stalked Bangladesh Bank for Two Weeks Before Big Heist
« Reply #5 on: March 19, 2016, 02:15:13 PM »

Operator logs showed the hackers logged in for short periods of time until Feb. 6, according to the report. The four transfers that went to the Philippines occurred on Feb. 4. The report said the hackers have already hit other FireEye clients, though it’s unclear if those include other central banks.

As of March 16, the FireEye team was about half-way through the examination of the central bank’s computer network.

"Complex malwares have been identified with advanced features of command & control communication, harvesting of credentials and to securely erase all traces of activity after accomplishing its task," the report said. It identified 32 "compromised assets" that “were used for reconnaissance and to gain control of the SWIFT servers and related assets."

http://www.bloomberg.com/

Linkback: https://tubagbohol.mikeligalig.com/index.php?topic=82058.0
Logged
Republic Act 8485 (Animal Welfare Act of 1998, Philippines), as amended and strengthened by House  Bill 6893 of 2013--- violation means a maximum of P250,000 fine with a corresponding three-year jail term and a minimum of P30,000 fine and six months imprisonment

Book your travel tickets anywhere in the world, go to www.12go.co
unionbank online loan application low interest, credit card, easy and fast approval
Pages: 1   Go Up
« previous next »
Tags: