Skip to content
City PM
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
  • Germany
  • France
  • Europe
  • Markets
  • Business
  • Opinion
  • DE
Wednesday 27 April 2016 9:40 am

Banks and other financial institutions have been warned by Swift they’re vulnerable to this specific new malware cyber attack after Bangladesh central bank hack

By: Lynsey Barber

Add as a preferred source on Google

The world's biggest banks have been warned they are vulnerable to a specific cyber attack which has been linked to one of the largest hacks of the year against the central bank of Bangladesh.

Malware that hides fraudulent transactions made via the Swift payments system – the global technology governing international transfers which is used by major financial institutions and individuals – has been identified by security researchers.

This has prompted Swift, the cooperative group based in Belgium which runs the system, to warn banks and other customers that they may be targeted by the malware.

It said in a statement:

Swift is aware of a malware that aims to reduce financial institutions’ abilities to evidence fraudulent transactions on their local systems … We understand that the malware is designed to hide the traces of fraudulent payments from customers’ local database applications and can only be installed on users’ local systems by attackers that have successfully identified and exploited weaknesses in their local security.

It told banks using Swift they should ensure there is adequate security to safeguard their systems, "particularly those with access to the Swift systems".

Security researchers at BAE Systems identified the malware in connection with the heist on the Bangladesh central bank which hit headlines in March. Hackers managed to transfer $80m but were foiled in their attempt to take as much as $1bn by a typo in one of the transfers. 

Read more: Adele targeted by hackers

In a blog post published on Monday, BAE Systems' Sergei Shevchenko said:

"The technical details of the attack have yet to be made public, however we’ve recently identified tools uploaded to online malware repositories that we believe are linked to the heist. The custom malware was submitted by a user in Bangladesh, and contains sophisticated functionality for interacting with local Swift Alliance Access software running in the victim infrastructure."

The elaborate and unusual malware attack masks the false transaction, including intercepting a print out of a confirmation message of the fraud which could be spotted, replacing it with a doctored version that will go unnoticed.

Read more: A third of business chiefs think they'll be hacked

"The analysed sample allows a glimpse into the toolkit of one of the team in well-planned bank heist. Many pieces of the puzzle are still missing though: how the attackers sent the fraudulent transfers; how the malware was implanted; and crucially, who was behind this," concluded Shevchenko.

"This malware was written bespoke for attacking a specific victim infrastructure, but the general tools, techniques and procedures used in the attack may allow the gang to strike again."

Swift clarified that it was not itself, nor its system, compromised by the malware. "Contrary to reports that suggest otherwise, this malware has no impact on Swift’s network or core messaging services," it added.

Share this article

  • Facebook
  • X
  • LinkedIn
  • WhatsApp
  • Email

Similarly tagged content:

Sections

  • News

Categories

  • Tech

Trending Articles

  • James Watt offers to buy back Brewdog

  • Citroën 2CV returns as a £13,000 electric car, and the timing is no accident

  • Motsepe backed to succeed Fifa’s Infantino by South African minister

  • Brewdog owner shrugs off James Watt takeover bid

  • Finsbury lines up Games Workshop splurge using merger windfall

More from City PM

  • Barclays, HSBC, Lloyds, and NatWest among the first banks in the world to adopt new Swift framework for enhanced international consumer payments

    Business Wire
  • Bank of England to relax capital rules despite warning of economic threats

    Banking
    Bank of England building on Threadneedle Street, London, showcasing its historic architecture and financial significance
  • Mining boss: Platinum to become a central bank reserve asset

    Mining
    Platinum bars stacked in a vault, illustrating the surge in platinum prices as they doubled in 2025.
  • Taktile Secures $110M in Goldman Sachs-led Series C to Power AI Transformation in Financial Institutions

    Business Wire
  • Abbove strengthens its banking position with the deployment of its platform at ING in Belgium

    Business Wire
  • Bank of England governor opens door to ‘simplifying’ financial rulebook

    Regulation
    Bank of England Governor Andrew Bailey said cited several indicators that the labour market was softening.
  • Kraken Goes Live on Trever to Bring Full-Service Prime Brokerage to European Financial Institutions

    Business Wire
  • XFolio AI Acquires Absolute Payment Solutions to Unify Treasury and Payments for UK Corporates

    Business Wire

City PM — European politics, business and analysis.

Europe

  • Germany
  • France
  • Europe
  • UK & Ireland

Topics

  • Business
  • Markets
  • AI
  • Technology
  • Opinion
  • Energy

More

  • Politics
  • Economics
  • Fintech
  • Legal
  • Sport
  • Life

Company

  • About City PM
  • Editorial Policy
  • Corrections
  • Contact
  • Terms of Use
  • Privacy Policy
  • Cookie Policy
© 2026 City PM · Published by CityPM Media, Bahnhofstrasse 65, 8001 Zürich, Switzerland
About · Editorial Policy · Corrections · Contact · Privacy · Facebook