The investigation into the attempted $1 billion electronic heist at the Central Bank of Bangladesh has expanded to as many as 12 more banks that all use the SWIFT payment network.
Security firm FireEye, investigating the hack, has been contacted by numerous other banks, including some in New Zealand and the Philippines. While most of the attempted transfers in the original heist were canceled, some $81 million was sent to the Philippines and subsequently laundered through casinos. The SWIFT organization in a statement said that some of these reports may be false positives and that banks should rigorously review their computing environments to look for hackers.
Symantec, meanwhile, has corroborated earlier claims from BAE Systems that the hackers that stole from the Bangladesh Bank are linked to the hackers that have attacked targets in the US and South Korea since 2009 and that hacked Sony Pictures in 2014. The FBI claimed that those hackers were North Korean. Symantec’s rationale is the same as that of BAE; malware found at the bank, Sony, and other victims, all appears to share common code for securely deleting files to cover its tracks.