Attackers Use SWIFT System to Hack Global Banks


Hackers have reportedly infected as many as 20 organizations with malware in an attempt to take down the global financial system.

According to Symantec, the group—dubbed Odinaff—is robbing banks using fraudulent SWIFT (Society for Worldwide Interbank Financial Telecommunication) messages. SWIFT is used for a majority of international interbank communication, and enables global financial institutions to send and receive information about transactions in a secure, standardized environment.

Attackers, however, have repeatedly overcome local security measures to enter the SWIFT system, generate money orders from various banks, and send millions to fraudulent accounts.

"Since January, discreet campaigns involving malware called Trojan.Odinaff have targeted financial organizations worldwide," Symantec Security Response wrote in a blog post.

Invasions appear to be focused on those in the banking, securities, trading, and payroll sectors, as well as companies providing support services, and most frequently target the US, Hong Kong, Australia, the UK, and Ukraine.

Symantec noted a potential connection to Carbanak, a sophisticated hacker who has plagued the financial industry since at least 2013. "Although difficult to perform, these kinds of attacks on banks can be highly lucrative," the blog said. "Estimates of total losses to Carbanak-linked attacks range from tens of millions to hundreds of millions of dollars."

As Reuters points out, the hacking of SWIFT messages is the same approach that generated $81 million in a February attack on Bangladesh's central bank. No additional victims have been identified.

SWIFT did not immediately respond to PCMag's request for comment. A spokeswoman, however, told Reuters that the cooperative's customer security intelligence team warned members about Odinaff's activities over the summer.

0 Comment

Leave a Reply

Captcha image


  • 5300c769af79e

    Outdated Federal IT Gobbles Up Vendor Opportunities

    As a result, the amount of money available for investing in modernizing IT keeps shrinking, thus depriving vendors of major marketing opportunities at the federal level.For example, nearly half the federal agency respondents to a recent survey said their agencies still used JavaScript (46 percent) and Java (43 percent).
  • 5300c769af79e

    OnePlus 5: First 10 Things to Do!

    When that early OnePlus 5 order arrives over the next few days, we think we’ve got you covered with some of the first things to consider doing once you finish the setup process.We’re talking about tweaking items like the navigation buttons and whether or not to go on-screen, capacitive, or a mixture of the two.
  • 5300c769af79e

    Weekly Rewind: Google stores, Nintendo’s Switch, get used to hearing ‘LeEco’

    The Nintendo ‘NX’ is Now the Nintendo ‘Switch’ After months of speculation, Nintendo released a trailer announcing that its next console will be called the Nintendo Switch, and will launch in March, 2017.The Nintendo Switch will be a hybrid console that be used at home on a TV, and also as a portable console similar to Nintendo’s Game Boy and DS lines.
  • 5300c769af79e

    Golden Frog VyprVPN (for iPhone)

    To sign up for a free account, simply download one of VyprVPN's desktop or mobile clients.Golden Frog allows all VyprVPN users to share files via P2P or BitTorrent, regardless of the server they are on.