Lawsuit exposes $9M cybertheft through banking software

Lawsuit exposes $9M cybertheft through banking software
© Getty Images

Cybercriminals stole $9 million from a bank in Ecuador last year by exploiting the same international messaging service that was compromised in the $81 million hack of Bangladesh's central bank, an obscure lawsuit has revealed.


In both cases, the thieves were able to manipulate SWIFT — used by banks across the world to exchange information about financial transfers — to steal funds from a bank, in this case, Banco del Austro funds held by Wells Fargo.

The Ecuadorian bank has filed a lawsuit against Wells Fargo for failing to notice “red flags” in a dozen fraudulent transfers to banks in Hong Kong in January 2015, The Wall Street Journal reports.

Wells Fargo argues that the suit should be thrown out; if Banco del Austro's claims were implemented, it says, it would place unreasonable expectations on banks to vet all transfers. 

Filings in the case exposed the unreported breach. SWIFT told the Journal that it was never informed of the breach, and on Friday, it issued a notice to users urging them to “immediately inform SWIFT of any suspected fraudulent use of their institution’s SWIFT connectivity or related to SWIFT products and services,” according to Reuters.

The case highlights the difficulties the messaging service faces in securing a network used by thousands of banks across the globe, each with varying security protections.

“Unfortunately, this risk with Swift is nothing new, as technology has evolved, and hackers have gotten more sophisticated,’’ Banco del Astro lawyers wrote in a March 31 court filing.

Some U.S. banks, including JPMorgan Chase, have begun limiting some employees’ access to the software as part of a broader policy to review systems after news of a threat.

SWIFT, a collective owned by more than 3,000 financial institutions, has made it clear it considers the February incident at Bangladesh Bank a failure on the part of the bank, not its software.

Although it has been aggressively warning customers of a malware scheme targeting its software, SWIFT told bank customers in a May 3 letter that they are responsible for securing computers connected to the messaging network.

"At the end of the day, we weren’t breached. It was, from our perspective, a customer fraud," Gottfried Leibbrandt, CEO of SWIFT, said at a financial conference in Frankfurt last week.

The Bangladesh Bank theft and a separate, unsuccessful attempt on a Vietnamese bank using SWIFT has sparked attention on Capitol Hill.

The top Democrat on the Senate Homeland Security Committee this week pressed New York Federal Reserve Bank President William Dudley and SWIFT Managing Director Patrick Antonacci for answers on how they are responding to the Bangladesh Bank heist, which routed funds from the bank’s New York Fed account.

“These cyberattacks raise important questions about the security of the SWIFT system and the ability of its members to prevent future attacks,” Sen. Tom CarperThomas (Tom) Richard CarperCarper urges Biden to nominate ambassadors amid influx at border DC statehood bill picks up Senate holdout The Hill's Morning Report - Presented by Facebook - Cheney poised to be ousted; Biden to host big meeting MORE (D-Del.) wrote in a Thursday letter.