18 February 2018
Visit www.avoka.com

Swift in the firing line of new bank-targeting Trojan

11 October 2016  |  7640 views  |  0 cyber attack

Several banks have been attacked by a group using a new Trojan and tools that can manipulate Swift customers' transfer logs, warns security outfit Symantec.

The Odinaff Trojan has been used against firms around the world in the banking, securities and trading sectors since January, says Symantec.

The malware is typically deployed in the first stage of an attack to gain a foothold onto a network, providing a persistent presence and the ability to install additional tools.

These additional tools, says Symantec, bear the hallmarks of a sophisticated attacker which has plagued the financial industry since at least 2013 - the Carbanak group which has been implicated in a string of attacks against banks and POS networks.

Among the tactic used by the Odinaff group are the use of malware to hide customers’ own records of Swift messages relating to fraudulent transactions. The tools used are designed to monitor customers’ local message logs for keywords relating to certain transactions. They will then move these logs out of customers’ local Swift software environment.

Symantec says that there is no evidence that the Swift network itself has been compromised. The firm also says that Odinaff does not appear to be related to the recent Lazarus attacks - including the $81 million Bangladesh Bank hack - on banks' Swift environments.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Swift to 'name and shame' banks who fail to meet security standards

Swift to 'name and shame' banks who fail to meet security standards

28 September 2016  |  8388 views  |  1 comments | 16 tweets | 23 linkedin
Swift unveils tool to help banks spot fraudulent transfers

Swift unveils tool to help banks spot fraudulent transfers

20 September 2016  |  7529 views  |  3 comments | 10 tweets | 7 linkedin
T-online site used to distribute banking Trojans

T-online site used to distribute banking Trojans

23 October 2015  |  5912 views  |  0 comments | 5 tweets | 2 linkedin

Related blogs

Create a blog about this story (membership required)
visit www.ebaday.comVisit https://www.capgemini.comvisit www.swift.com/your-needs/instant-payments

Who is commenting?

Top topics

Most viewed Most shared
Saudi central bank provides sandbox for banks to try out Ripple techSaudi central bank provides sandbox for ba...
10722 views comments | 16 tweets | 11 linkedin
Aussie real-time payments platform goes liveAussie real-time payments platform goes li...
8401 views comments | 15 tweets | 41 linkedin
ECB launches staunch defence of cashECB launches staunch defence of cash
8099 views 10 comments | 21 tweets | 26 linkedin
hands typing furiouslyHow can Blockchain Help with AML KYC
7833 views 3 | 9 tweets | 4 linkedin

Featured job

Competitive base + commission
London, UK

Find your next job