Bangladesh Bank attack appears to be part of a bigger threat Credit: Reuters/Dado Ruvic SWIFT, the international banking transactions network, has warned customers of “a number” of recent incidents in which criminals sent fraudulent messages through its system.The warning from SWIFT (Society for Worldwide Interbank Financial Telecommunication) suggests that a February attack on the Bangladesh Bank, in which thieves got away with US $81 million, was not an isolated incident.SWIFT is aware of malware that “aims to reduce financial institutions’ abilities” to find evidence of fraudulent transactions on their local systems, the organization said Tuesday. The malware has “no impact on SWIFT’s network or core messaging services,” it added.SWIFT has informed customers that “there are other instances in which customers’ internal vulnerabilities have been exploited,” the organization added. SWIFT is calling on customers to take steps to secure their systems and has issued a mandatory software update. Attackers in these incidents have compromised bank systems and obtained valid credentials for creating and submitting messages on the network, SWIFT said. “The malware is designed to hide the traces of fraudulent payments from customers’ local database applications and can only be installed on users’ local systems by attackers that have successfully identified and exploited weaknesses in their local security,” the organization said.The hackers, who attacked the Bangladesh Bank, appeared to use custom malware designed to interfere with SWIFT’s transaction software, researchers said this week. SWIFT is now aware of “a number of recent cyber incidents in which malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions’ back-offices, PCs or workstations” connected to the SWIFT network, said a confidential notice seen by Reuters, according to a news story posted Tuesday.SWIFT did not name any victims or disclose the amount of losses related to the recent cyberattacks.The organization has issued a security update on Monday aimed at the malware that researchers identified as used in the Bangladesh attack. The likely Bangladesh malware, identified by researchers from BAE Systems, appears to be a custom attack toolkit, they said. The malware was designed to monitor, delete and alter transaction records in the database used by the SWIFT client software. Related content feature Top cybersecurity M&A deals for 2023 Fears of recession, rising interest rates, mass tech layoffs, and conservative spending trends are likely to make dealmakers cautious, but an ever-increasing need to defend against bigger and faster attacks will likely keep M&A activity steady in By CSO Staff Sep 22, 2023 24 mins Mergers and Acquisitions Mergers and Acquisitions Mergers and Acquisitions brandpost Unmasking ransomware threat clusters: Why it matters to defenders Similar patterns of behavior among ransomware treat groups can help security teams better understand and prepare for attacks By Joan Goodchild Sep 21, 2023 3 mins Cybercrime news analysis China’s offensive cyber operations support “soft power” agenda in Africa Researchers track Chinese cyber espionage intrusions targeting African industrial sectors. By Michael Hill Sep 21, 2023 5 mins Advanced Persistent Threats Cyberattacks Critical Infrastructure brandpost Proactive OT security requires visibility + prevention You cannot protect your operation by simply watching and waiting. It is essential to have a defense-in-depth approach. By Austen Byers Sep 21, 2023 4 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe