Vietnam’s Tien Phong Commercial Joint Stock Bank said it was the target of a computer attack where hackers tried to steal more than $1.13 million through the bank’s connection to the Swift interbank messaging system.
The attack took the form of a fraudulent transfer request for more than €1 million ($1.13 million), which came through a third-party service the bank used to connect to Swift and was blocked, the bank said in a statement to Reuters.
Swift, a Belgium-based organization, whose technology is used by more than 11,000 banks and other institutions to initiate money transfers and perform other essential financial tasks, warned clients on Friday that hackers abusing its system had struck a second organization.
The latest attempt follows one of the largest cyber heists in history: the theft of more than $80 million from the Bangladesh central bank’s account at the Federal Reserve Bank of New York in February. Swift didn’t name the organization, other than saying it was a commercial bank client.
The attacks show how hackers, in addition to stealing individuals’ credit card numbers and banking credentials to drain accounts, are also abusing the technologies underlying trusted internal links between banks to pull off bigger heists.
“Via a risk warning and oversight system and a tight internal control process, TPBank has identified a suspicious transaction worth more than a million euros transferred by invalid Swift messages that was not executed by the bank itself,” Tien Phong said in the statement to Reuters. “This attack ... did not cause any losses and had no impact on the SWIFT system in particular and the transaction system between the bank and customers in general.”
Tien Phong told Reuters that it is no longer using the third party, which was using a software application that Swift said may have been used in the attack. Swift had earlier said the unnamed client was targeted with an attack against the PDF reader it used to check messages.
In the case of the Bangladesh heist, Mohammed Farashuddin, chief of the government panel on the attack, said in Dhaka on Sunday that the malicious software appears to have been made in Pakistan or North Korea.
A mistake by two engineers working for Swift in linking settlement systems for local and international money transfers in November 2015 apparently created the vulnerability that the attackers exploited, Farashuddin said. Antivirus software was causing problems in establishing the connection, so it was removed without the bank’s knowledge. That mistake probably allowed the hackers to copy the keystrokes of workers in Bangladesh Bank’s back office, he said.
