Malware Bank Attacks May Be Linked To Sony Pictures Hack

itwbennett writes: Researchers at BAE Systems have found a long chain of coding coincidences linking attempted fraud over the SWIFT network to the 2014 Sony Pictures hack. "The overlaps between these samples provide strong links for the same coder being behind the recent bank heist cases and a wider known campaign stretching back almost a decade," the researchers concluded. But it's still anybody's guess who's behind all these attacks: in Bangladesh, government officials are pointing the finger at SWIFT technicians who worked on the central bank's network last year, while the FBI says that attack was an inside job -- but blames the North Koreans for the Sony hack.
Sunday a bank in Vietnam revealed that it had also identified and blocked a $1.13 million fraud attempt, saying that a third-party service it used to connect to SWIFT's global money transfers system may have been attacked by hackers.

Attacks à la Sony?

[hcs_$reboot]

Sony was attacked a number of times these past years, and some of these attacks targeted easy flaws, like SQL injection for instance. Are these bank attacks as dumb as Sony ones?

Re: Attacks à la Sony?

[Anonymous Coward]

The attack on Sony, I thought the initial attack vector consisted of compromised employee credentials which were leveraged to gain access, delete files, and upload malware. Please do correct me if that's incorrect.

Re: Attacks à la Sony?

[hcs_$reboot]

Visit the SQL injection Hall of Fame [codecurmudgeon.com] and search "Sony"...

Re:

[Tablizer]

Arguing with nuts is usually a waste of time. People who hallucinate Jews under their bed are still going to "see" them under there even if you have 50 witnesses; they'll just say the witnesses were paid by the Jews to lie.

Rock, paper, scissors, hallucinations. Hallucinations always win.

north korea not really believable

[bloodhawk]

The FBI blaming the North Korean's always looked like at best a political motivated finger pointing of "we can't find who really did it but North Korea are currently pissing us off so lets blame them."

Re:

[BigU+03C0mpin]

I disagree. Sony's not been able to turn a profit for a while,
they're probably running very lean on the in-house technology
infrastructure side of the business. Probably too busy trying
to come up with, patent, and profit off some revolutionary new
piece of hardware.

I could totally buy North Korea getting into Sony. They could
easily hire Russian, Chinese, or some other hackers to do it.

Re:

[Anonymous Coward]

From what I could gather in industry conferences from people closer to the case... yeah, it was really NK.

Malware Korean bank heist attack Bangladesh fraud?

[tetraverse]

Who's behind the malware that prevents peoples brains saying Microsoft Windows in relation to malware fraud.

Re:

[khz6955]

Is this what international banking has been reduced to by the worlds most innovative computer ecosystem. The financial worlds currency system gets hacked through a front-end running on Windows and people think that's normal. Microsoft the company that made typing dangerous.

Re:Malware Korean bank heist attack Bangladesh fra

[bloodhawk]

At some point you are at the mercy of those running the system. Operating System is irrelevant, it is the programs, the auditing and alerting that run on the system. Given how many people have been caught over the last hundred years doing similar scams from inside banks with fake accounts etc (and who knows how many more that got away with it or were hushed up) this is a people and processes problem in that as it was an insider with all the access, they needed to catch it faster as in the end it is near impossible to completely prevent an insider from abusing trust.

Re:

[khz6955]

@Anonymous: "So which OS protects you from a admin with malicious intent?"

@bloodhawk: "At some point you are at the mercy of those running the system. Operating System is irrelevant, it is the programs, the auditing and alerting that run on the system. Given how many people have been caught over the last hundred years doing similar scams from inside banks"

The second system that runs transparently to the first, that provides a full and irrevocable audit trail on the first, in order to precisely catch s

Re:

[bloodhawk]

So how does that solve user X typing into a terminal that Fake Person A just opened an Account and transferred X Dollars in or deposited Y dollars in or has requested a transfer of Z dollars. Those systems ONLY provide the audit trail, they do nothing to prevent the actual fraud as until you know the people are not real or the real deposits never happened it is based on trust of those entering it into the system.

Inside job

[Anonymous Coward]

The Sony hack was an inside job done from an internal machine.

How fucking hard it is to track that down if marginally competent people are investigating?

This latest bank "attack" was also a (completely unrelated) inside job.

Re:

[Anonymous Coward]

Very much this.
It is trivial to shouldersurf for credentials in offices because people are so engrossed with their work, or boredom.
Either way, they are so stuck in their own head to get away from the awfulness of being in offices that you could probably walk around in a clown outfit and not be questioned.

And in even shittier networks and machines, you could probably easily install keyloggers, if not software, then hardware loggers.
Hardware loggers can get around pretty much any software defences.
Then you p

Hey now

[ArchieBunker]

Sony pays good money to the government to place the blame on North Korea.

Pointing fingers

[Opportunist]

In other words, nobody knows who did it but everyone has a favorite scapegoat that should be responsible, not because it's likely but because they'd like it.

Re:

[Opportunist]

Oh, "it was hackers" means "we get to make shit up"?

Uhhhh... network much?

[wbr1]

The overlaps between these samples provide strong links for the same coder being behind the recent bank heist cases and a wider known campaign stretching back almost a decade

Maybe the coder is selling his code. Doesn't mean he is behind these campaigns...

Norks

[ThatsNotPudding]

I can't imagine North Korea had an undersea fiber cable laid, nor is borrowing a cup of bandwith from their southern cousins.

That leaves one country fulfilling the role of NKs ISP. Funny how they continue to get a free pass. It's almost like both governments are of like mind and cooperate on this sort of theft and destruction.

A malicious bank attacked somebody?

[Nunya666]

When I first read the headline, I thought it was describing a malicious bank that was attacking somebody or something.

I guess I need to read more content before I jump to conclusions. Or maybe the editors/authors should learn to create better headlines.