17 November 2017
visit www.avoka.com

Swift in the firing line of new bank-targeting Trojan

11 October 2016  |  7416 views  |  0 cyber attack

Several banks have been attacked by a group using a new Trojan and tools that can manipulate Swift customers' transfer logs, warns security outfit Symantec.

The Odinaff Trojan has been used against firms around the world in the banking, securities and trading sectors since January, says Symantec.

The malware is typically deployed in the first stage of an attack to gain a foothold onto a network, providing a persistent presence and the ability to install additional tools.

These additional tools, says Symantec, bear the hallmarks of a sophisticated attacker which has plagued the financial industry since at least 2013 - the Carbanak group which has been implicated in a string of attacks against banks and POS networks.

Among the tactic used by the Odinaff group are the use of malware to hide customers’ own records of Swift messages relating to fraudulent transactions. The tools used are designed to monitor customers’ local message logs for keywords relating to certain transactions. They will then move these logs out of customers’ local Swift software environment.

Symantec says that there is no evidence that the Swift network itself has been compromised. The firm also says that Odinaff does not appear to be related to the recent Lazarus attacks - including the $81 million Bangladesh Bank hack - on banks' Swift environments.

Comments: (0)

Comment on this story (membership required)

Finextra news in your inbox

For Finextra's free daily newsletter, breaking news flashes and weekly jobs board: sign up now

Related stories

Swift to 'name and shame' banks who fail to meet security standards

Swift to 'name and shame' banks who fail to meet security standards

28 September 2016  |  8140 views  |  1 comments | 16 tweets | 23 linkedin
Swift unveils tool to help banks spot fraudulent transfers

Swift unveils tool to help banks spot fraudulent transfers

20 September 2016  |  7342 views  |  3 comments | 10 tweets | 7 linkedin
T-online site used to distribute banking Trojans

T-online site used to distribute banking Trojans

23 October 2015  |  5757 views  |  0 comments | 5 tweets | 2 linkedin

Related blogs

Create a blog about this story (membership required)
visit www.asiapacificwealthreport.comvisit www.aciworldwide.comvisit www.atos.net

Top topics

Most viewed Most shared
Singapore central bank open sources blockchain prototypesSingapore central bank open sources blockc...
11239 views comments | 15 tweets | 28 linkedin
Digital receipt startup Flux scores game-changing deal with BarclaysDigital receipt startup Flux scores game-c...
9508 views comments | 20 tweets | 36 linkedin
AmEx partners Ripple and Santander for blockchain-enabled cross-border paymentsAmEx partners Ripple and Santander for blo...
8258 views comments | 11 tweets | 35 linkedin
UK cryptocurrency exchange startup launches debit card for spending bitcoinUK cryptocurrency exchange startup launche...
7253 views comments | 26 tweets | 37 linkedin
Visa bids to bring contactless transit payments to the worldVisa bids to bring contactless transit pay...
7131 views comments | 16 tweets | 29 linkedin

Featured job

Competitive base, commission, benefits
London, UK

Find your next job