The News Of Tomorrow, Today

Subscribe

Hackers Who Got Caught By A Typo Were Trying To Take Over The World

Jamie Condliffe Avatar
Jamie Condliffe
Hackers Who Got Caught By A Typo Were Trying To Take Over The World

The hackers behind a large-scale Bangladesh bank hack went further than simply stealing money. Now it turns out that they created malware that could compromise the internationally used SWIFT payment system.

BAE Systems researchers tell Reuters that the hackers who took the central bank of Bangladesh for a ride compromised the SWIFT system using malware. SWIFT has confirmed to Reuters that it’s “aware of malware targeting its client software”. The organisation plans to issue an update for its software some time today to protect the payment systems from attack.

The malware, called evtdiag.exe, allowed the hackers to change records on SWIFT databases in order to hide what they were up to. The criminals could delete records of transfer requests, intercept messages about payments and manipulate the displayed account balances to cover their tracks.

The software was apparently specifically written to attack the Bangladesh bank, but the theory could, according to the researchers, be applied elsewhere. Adrian Nish from BAE Systems told Reuters that it was one of the most elaborate malware hacks he’d ever come across.

The Bangladesh bank hack until now seemed like a farcically amusing comedy of errors. First, the hackers were brought to a halt because they managed to misspell “foundation” as “fandation” — a typo that was noticed by Deutsche Bank, ultimately bringing the heist to an abrupt end. The criminals did, however, manage to make off with $US80 million ($103.7 million) before they were found out.

Then, just last week, a forensic analysis of the hacks found that the bank had been using second-hand $10 network switches without a firewall to link its computers. Those computers were connected to the SWIFT global payment system, which meant the hackers were able to gain access to the credentials required to make high-value transfers straight into their own accounts.

Reuters claims that the attackers actually targeted a very specific piece of SWIFT software known as Alliance Access. So while the SWIFT system is used by thousands of banks and financial institutions, not all of them are affected by the malware.

[Reuters]

Image: Grant Hutchinson

The Cheapest NBN 50 Plans

It’s the most popular NBN speed in Australia for a reason. Here are the cheapest plans available.

At Gizmodo, we independently select and write about stuff we love and think you'll like too. We have affiliate and advertising partnerships, which means we may collect a share of sales or other compensation from the links on this page. BTW – prices are accurate and items in stock at the time of posting.