An international financial consortium warned its customers on Monday that an $81 million cybertheft from Bangladesh's central bank isn't an isolated incident.
SWIFT, the Society of Worldwide Interbank Financial Telecommunications, called the attack one of "a number of recent cyber incidents" in a confidential alert to customers seen by Reuters. The attack could be "malicious insiders or external attackers" who've altered SWIFT software to hide monetary transfers, the consortium said in the alert, which was sent over its system.
Belgium-based SWIFT later confirmed to CNET that internal vulnerabilities at customer institutions had previously been exploited. The organization didn't provide details on either the organizations or the incidents, but confirmed "commonality" in the cases, which sometimes involved malware to hide evidence of the attack.
SWIFT said its core messaging services and network were unaffected by the malware.
The cases appear to involve attackers breaching systems at banks and obtaining operator credentials allowing them to hide evidence of fraudulent payments. The credentials give the attackers the ability to create, approve and submit messages using the banks' systems.
SWIFT didn't place a value on losses.
The cooperative facilitates secure and standardized communication among more than 11,000 banking and securities organizations. It's owned by more than 3,000 financial institutions.
SWIFT released a security update on Monday to eliminate the malware behind the breach.
Update, 11:32 a.m. PT: Added comment from SWIFT.