Investigators are looking into data breaches at as many as 12 banks connected to the SWIFT messaging network, after hackers exploited weaknesses in the software to steal $81 million from the Bangladesh central bank, according to Bloomberg.
FireEye, the security firm hired by the Bangladesh Bank to investigate the heist, has been contacted by numerous other banks concerned that they’ve been breached. The other banks are primarily in Southeast Asia, including the Philippines and New Zealand.
{mosads}There is no indication of whether money was stolen, according to Bloomberg, but the requests from the banks stemmed from irregularities similar to those seen in the Bangladesh Bank hack.
SWIFT attempted to downplay the report.
“The emergence of new possible instances of compromise is not entirely surprising given that banks should now be undertaking rigorous reviews of their environments,” it said in a written statement. “Many may turn out to be false positives and or have nothing to do with SWIFT messages.”
In February, unknown hackers stole $81 million from the Bangladesh account at the Federal Reserve Bank in New York in what is considered the largest cyber heist in history.
Security researchers with the British defense contractor BAE Systems said last month that hackers exploited a flaw in SWIFT’s client messaging software, known as Alliance Access.
The Brussels-based software producer is a collective owned by more than 3,000 financial institutions. Banks across the world use the system to exchange information about financial transactions.
SWIFT has said its systems were not breached in the Bangladesh incident, arguing its customers are responsible for securing computers connected to the messaging network.
“At the end of the day, we weren’t breached. It was, from our perspective, a customer fraud,” SWIFT CEO Gottfried Leibbrandt said at a financial conference in Frankfurt earlier this month.
But SWIFT has also issued a notice to its customer banks saying the breach was part of a broader effort targeting the global financial system. A Vietnam bank recently announced that it disrupted an attempted cyber theft that involved the malware used to compromise SWIFT’s software in the Bangladesh heist.
“Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks,” the notice said, according to The Wall Street Journal.
Meanwhile, some U.S. banks — including JPMorgan Chase — have begun limiting some employees’ access to the software as part of a broader policy to review systems after news of a threat.