The hackers who broke into a global bank-messaging system and stole $81 million from the central bank of Bangladesh in February may also be connected to the email hacks on Sony in 2014, and a previously undisclosed theft from a bank in Vietnam, Reuters reported Friday.
The messaging system, SWIFT, is used by 11,000 financial institutions across the world to request and approve money transfers. In the Bangladesh heist, investigators said hackers may have coaxed someone working with the bank to give up credentials, and that thieves exploited the SWIFT system to request money from the Federal Reserve Bank of New York that was then routed to a bank in the Philippines, then transferred to local casinos and stolen.
The theft from the Vietnamese bank had previously been unreported, and investigators told Reuters they believed it was connected with the Bangladesh heist––and the attack on Sony––because malware the hackers used operated in a similar fashion. And while security experts are still learning about how it all happened, Reuters reported that hackers have been monitoring the investigation the whole time:
In Bangladesh, cyber-security experts hired by the central bank said in a report that hackers were still inside the bank's network, monitoring the investigation into one of the biggest cyber heists in the world. Reuters reviewed parts of the report, but the source who shared the document declined to provide access to its full contents, saying the release of some details could hamper a multinational effort to catch the criminals.
Asked about the report, a Bangladesh Bank spokesman said: "We have engaged forensic experts to investigate the whole thing, including this." He did not elaborate.
There are likely three hacking groups inside the SWIFT messaging system, Reuters reported: One is called Group Zero, one is Group Two, and the last is a nation-state actor that steals information, but not money. SWIFT, which is partly owned and run by the world’s largest banks, has been used since the 1970s. The system prides itself on security.