Slovenian bank was recipient named in failed Vietnam cyber-heist


WEB DESK: Cyber-criminals unsuccessfully tried to send 1.2 million euros ($1.36 million) from a Vietnamese bank to a Slovenian bank via the SWIFT network last December, but there have been no other cases of fraudulent transfers in Vietnam, a top central bank official said on Tuesday.

Le Manh Hung, head of the State Bank of Vietnam’s (SBV) Information Technology Department, told Reuters the Dec. 8 transfer was the only attempt to steal funds detected by Tien Phong Bank (TPBank).

Other Vietnamese banks and the SBV have not been hit, and the name of the Slovenian bank was not known, he said. It was not also clear how many accounts were listed as recipents.

Unlisted TPBank revealed the interrupted cyber heist in response to Reuters inquiries on Sunday. It involved the use of bogus SWIFT messages, the technique at the heart of February’s massive theft from the Bangladesh central bank.

Swift, the linchpin of the global financial system, is used by about 11,000 banks and financial institutions for transactions. The two attacks on banks will likely increase scrutiny on the security of its network.

Interpol was immediately informed of the attack via its representative in Vietnam, Hung said.

“TPBank immediately informed SWIFT and its bank partner to immediately stop that 1.2 million-euro transaction so there was no financial loss,” Hung said. He said TPBank found the bogus transfer through its own reconciliation system.

TPBank has not said which bank the funds were headed to and Hung said he did not know the identity of the Slovenian partner.

“TPBank also reported to Vietnamese legal authorities, SBV and Interpol to coordinate and hunt down the criminals,” he said.

Hung said TPBank was hit because a third-party vendor it had used to connect to the SWIFT money transfer system was likely infected with malware. The vendor’s Internet servers were based in Singapore, he said, adding he did not know the identity of the vendor provider.

OTHER METHODS

SWIFT has declined comment on TPBank’s claims. On Thursday, it had said a unnamed commercial bank was targeted by a malware attack similar to the one at Bangladesh Bank.

However, SWIFT said the malware it had found was used to remove traces of fraudulent transactions, not to conduct the transactions.

In a May 13 statement, it said the attackers had used other methods to compromise the bank’s security and send the fraudulent transfer requests. It did not say what those methods were. (bit.ly/1TezgHe)

Hung said it was the vendor that had been compromised, rather than TPBank’s own systems. TPBank has declined Reuters requests for further comment.

TPBank, founded in 2008 by Vietnam’s top technology firm FPT Corp, is considered one of the communist country’s most modern and tech-savvy banks and it this month received the “Best Internet Banking” prize from The Asian Banker.

Cybersecurity firm BAE Systems last week said malware was used to target a Vietnamese commercial bank using fraudulent SWIFT messages.

Hung said that revelation had initially worried the SBV because it thought more Vietnamese banks had been hit but after enquiries it discovered BAE was referring to the December attack on TPBank.

It checked with Singapore-based IT consultants BLITZ, an authorized SWIFT partner in Vietnam, which he said had upgraded software of all local banks.

“The SBV was very cautious thinking this may be a new attack,” he said.

“But this updated version (software) has many new functions that enable better security to users against hackers.”

In February, in one of the world’s biggest ever cyber-heists, hackers tried to steal nearly $1 billion from Bangladesh Bank’s account at the New York Federal Reserve. Most orders were blocked but $81 million was transferred to accounts in the Philippines and most of the money remains missing. – Reuters

loading...
loading...