A Taiwanese bank has become the latest to fall victim to hackers siphoning off millions of dollars by targeting the backbone of the world financial system, SWIFT.
SWIFT, or Society for Worldwide Interbank Telecommunication, is a global financial messaging system that thousands of banks and commercial organizations across the world use to transfer billions of dollars every day.
Hackers reportedly last week managed to steal almost $60 Million from Far Eastern International Bank in Taiwan by planting malware on the bank’s servers and through the SWIFT interbank banking system.
According to Taiwanese state-owned news agency Central News Agency, most of the stolen money has now been recovered, with only $500,000 remaining, and authorities have made two arrests in connection with the bank cyber-heist.
Far Eastern on Friday admitted that some unknown hackers managed to install malware on computers and servers within its organization, and most crucially, onto a SWIFT terminal employed by the bank.
Once there, the hackers then obtained credentials needed for payment transfers and then transferred almost $60 million to fraudulent accounts based in the United States, Cambodia and Sri Lanka.
In the wake of the cyber heist, Taiwan Premier William Lai ordered government agencies to review their information security defences and develop appropriate measures to deal with future cyber incidents.
The Criminal Investigation Bureau (CIB) of Taiwan said that it has launched an investigation into the cyber heist and asked the bank to submit details about its computer operations. The bureau has also informed the Interpol of the case and asked for assistance.
Most of the stolen funds have been recovered, and two arrests connected to the cyber theft have already been made in Sri Lanka by the police, and one of them is Litro Gas company chairman Shalila Moonesinghe, according to the Colombo Gazette.
Moonesinghe was arrested by the CIB after the authorities allegedly found $1.1 million of the stolen Taiwanese funds in his personal bank account.
However, the federal authorities are still looking for the third suspect.
“We are looking at some US$1.3 million that had come into three accounts in Sri Lanka,” an unnamed Sri Lankan officer involved in the investigation was quoted as saying in an AFP report. “We have taken two people into custody, and we are looking for one more person.”
It wasn’t the first case in which malware was implanted into a bank’s SWIFT network to steal millions of dollars. Last year, some unknown hackers targeted banks worldwide by gaining access to SWIFT that is being used to transfer billions of dollars every day.
Earlier last year, hackers managed to steal $81 Million from the Bangladesh central bank’s account in the New York Federal Reserve in a similar way—by hacking into SWIFT network using a piece of malware and obtaining credentials needed for payment transfers.
In May same year, another incident was reported in which hackers targeted an unnamed commercial bank and malware installed on SWIFT was used against the banks’ PDF reader.
In May 2016, another case involving SWIFT emerged wherein cybercriminals managed to steal around $12 million from an Ecuadorian bank called Banco del Austro (BDA) by attacking the Swift global network.
Also in June 2016, Hackers stole $10 million from an unnamed bank in Ukraine by exploiting the SWIFT international banking system.