This article was published on May 13, 2016

Malware in $81m bank hack has ‘same unique characteristics’ as found in Sony attack



Investigators looking into the hacks on the Bangladesh Bank and the wider SWIFT network of financial institutions have said that evidence found so far suggests software identified in the Sony hack investigation was also present on the bank’s systems.

According to Reuters, security researchers from BAE Systems looking into the attack say that the malware found has “the same unique characteristics” as software identified by an earlier security project looking at a number of different hacks, including the leaking of Sony’s internal documents at the end of 2014. That hack cost millions to clean up and directly led the company to cancel the theatre release of its controversial movie ‘The Interview.’

The project that identified that software was a coalition of different security companies pooling information on hacks dating back to 2009, and as such, the existence of the same software doesn’t mean that the same people are behind both events. Nonetheless, BAE’s report is confident enough in its analysis of malicious files to draw a connection between them, while noting other possibilities, like hackers sharing code, could also be the case.

Adding to the general misery of the situation, the report also says three different groups are still able to access the Bangladesh Bank, which is connected to the SWIFT financial transaction network. One of those groups includes a “nation-state actor.”


The hack also appears to be part of a wider attack on banks. The report noted that “what initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign.”

Suffering an attempted $1 billion hack is bad. The attackers still having access to the systems and the potential to monitor ongoing investigations three months after the event is even worse.
