Cyber-criminals stole about $12 million from an Ecuadorean bank in a 2015 heist that bears all the hallmarks of later attacks against Bangladesh’s central bank and a small Vietnamese lender.
Banco del Austro SA said in a lawsuit filed in New York against San Francisco-based Wells Fargo & Co. that hackers got access to the codes the bank uses to move money via Swift, the global interbank network, and used them to transfer funds from the U.S. bank. Though the attack happened more than 15 months ago, a Swift spokeswoman told Reuters that the firm had only just found out about it, suggesting banks have not been sharing details of such attacks with the cooperative. A Wells Fargo representative did not immediately return a call seeking comment.
Vietnam’s Tien Phong Commercial Joint Stock Bank, known as TPBank, informed the country’s regulators this week that it had fended off a fraudulent transfer request late last year for more than 1 million euros ($1.1 million) that came through a third- party service that the bank used to connect to the Swift system. In February, Bangladesh lost $81 million after its central bank was infected with malware. The hacks have sparked concerns within global banks, some of which are privately pressing Swift to shore up security at its 11,000 members.
“We specifically remind all users to respect their obligations to immediately inform Swift of any suspected fraudulent use of their institution’s Swift connectivity,” the firm said Friday in a statement. “We are currently working to further reinforce our support to customers in securing their access to the Swift network.”
Details of the lawsuit were previously reported by Reuters.