Vietnam Bank Reports Attempted Cyberheist

Tien Phong Bank says it thwarted an attack involving the same technique used in the theft from the Bangladesh central bank.
Katie Kuehner-HebertMay 16, 2016

Vietnam’s Tien Phong Bank has thwarted a cyberheist involving fraudulent SWIFT messages, the same technique used in the February theft from the Bangladesh central bank.

TPBank said Sunday that in the fourth quarter of last year, it identified suspicious requests to transfer more than 1 million euros ($1.1 million) of funds using the SWIFT global interbank messaging service.

SWIFT had reported last week that an unnamed commercial bank was targeted by a malware attack similar to the one at Bangladesh Bank in which thieves tried to transfer nearly $1 billion. Most of the requests were blocked but $81 million was stolen.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

The attacks “sparked concerns that hackers had found ways into the messaging system banks rely on to move money securely around the world,” The Wall Street Journal said.

The Vietnamese bank said it caught the attempted hack quickly enough to halt any illicit movement of funds.

The attack “did not cause any losses,” the bank told Reuters. “It had no impact on the SWIFT system in particular and the transaction system between the bank and customers in general.”

The transfer requests were apparently made through the infrastructure of an outside vendor hired to connect TPBank to SWIFT. The bank said it has since discontinued working with that vendor and switched to using a new system that offers a higher level of security and enables it to connect directly with SWIFT.

In the Bangladesh Bank attack, the thieves requested funds from the bank’s account at the New York Federal Reserve. Cybersecurity company BAE Systems has said the attackers modified the Alliance Access server software, which banks use to interface with SWIFT’s messaging platform, so they could make the fraudulent cash transfers and hide the evidence.

SWIFT sent a warning to all of its customers on May 13 about malware used in schemes involving fraudulent transfers over its network. It said it was aware of a “small number” of cases of fraud at its customers.