24 September 2017
Find out more

Swift in the firing line of new bank-targeting Trojan

11 October 2016  |  7266 views  |  0 cyber attack

Several banks have been attacked by a group using a new Trojan and tools that can manipulate Swift customers' transfer logs, warns security outfit Symantec.

The Odinaff Trojan has been used against firms around the world in the banking, securities and trading sectors since January, says Symantec.

The malware is typically deployed in the first stage of an attack to gain a foothold onto a network, providing a persistent presence and the ability to install additional tools.

These additional tools, says Symantec, bear the hallmarks of a sophisticated attacker which has plagued the financial industry since at least 2013 - the Carbanak group which has been implicated in a string of attacks against banks and POS networks.

Among the tactic used by the Odinaff group are the use of malware to hide customers’ own records of Swift messages relating to fraudulent transactions. The tools used are designed to monitor customers’ local message logs for keywords relating to certain transactions. They will then move these logs out of customers’ local Swift software environment.

Symantec says that there is no evidence that the Swift network itself has been compromised. The firm also says that Odinaff does not appear to be related to the recent Lazarus attacks - including the $81 million Bangladesh Bank hack - on banks' Swift environments.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Swift to 'name and shame' banks who fail to meet security standards

Swift to 'name and shame' banks who fail to meet security standards

28 September 2016  |  7917 views  |  1 comments | 16 tweets | 22 linkedin
Swift unveils tool to help banks spot fraudulent transfers

Swift unveils tool to help banks spot fraudulent transfers

20 September 2016  |  7203 views  |  3 comments | 10 tweets | 7 linkedin
T-online site used to distribute banking Trojans

T-online site used to distribute banking Trojans

23 October 2015  |  5683 views  |  0 comments | 5 tweets | 2 linkedin

Related blogs

Create a blog about this story (membership required)
visit www.abe-eba.euvisit www.sibos.comdownload the paper now

Top topics

Most viewed Most shared
HSBC switches on selfie payments in ChinaHSBC switches on selfie payments in China
13648 views comments | 29 tweets | 44 linkedin
AXA launches blockchain to cover late flight compensationAXA launches blockchain to cover late flig...
10367 views comments | 14 tweets | 30 linkedin
Apple P2P payments service nears launchApple P2P payments service nears launch
8678 views comments | 19 tweets | 27 linkedin
SBI Ripple Asia advances on South KoreaSBI Ripple Asia advances on South Korea
8613 views comments | 16 tweets | 1 linkedin
ISO 20022: The common language of choiceISO 20022: The common language of choice
8379 views comments | 1 tweets | 2 linkedin

Featured job

Competitive base, commission, benefits
London, UK

Find your next job