SWIFT attackers' malware linked to Philippines bank attack and Sony hack

Malware used in a cyber attack against a Philippines bank was linked to Bangladesh bank hackers.

Symantec researchers linked a cyber attack on a Philippines bank to the group that stole $81 million from the Bangladesh Central Bank and to the 2014 Sony hack.

The malware used in the Philippines bank attack was linked to previous attacks which leveraged the Society for Worldwide Interbank Financial Telecommunication (SWIFT) financial messaging service platform to carry out attacks against other financial institutions, according to a May 26 blog post. 

Symantec identified three pieces of malware used in limited targeted attacks against the financial industry in South-East Asia: Backdoor.Fimlis, Backdoor.Fimlis.B, and Backdoor.Contopee, the post said.

Researchers said the Backdoor.Contopee malware was linked to the Lazarus cybergang, which used different malware in attacks against Sony Pictures Entertainment in 2014.

The news comes just days after SWIFT CEO Gottfried Leibbrandt announced details to reinforce the security of his firm's messaging services following a trio of cyber attacks that leveraged malware to gain unauthorized access to the platform.

This latest incident is just another example of how handcuffed nation states and private institutions are in terms of defending themselves against cyber attacks, STEALTHbits Technologies Vice President of Product Marketing Adam Laub, Sr. told SCMagazine.com via emailed comments.

“What other option do nation-states really have but to launch attacks against each other if no one could ever be brought to justice in the first place? The best anyone can do – nation-states, private institutions, and the hackers themselves – is to fortify,” he said.

Laub said nations and private industry should focus on protecting data, privileged credentials, and the end users from themselves.

“Educating end users on how to recognize and avoid the most common entry points of compromise like phishing and other social engineering tactics would go a long way towards making these types of events much less prevalent,” he said. 
