Earlier this week reports showed another round of SWIFT-related cyber heists, this time targeting banks in Ecuador. A new report in Reuters sheds light on what actually happened to the high-tech thieves’ $12-million loot. Apparently, they moved $9 million to 23 banks in Hong Kong and $3 million to Dubai and other parts of the world. Wells Fargo transfered sums with the total value of $9 million to the accounts of four companies at HSBC and Hang Seng Bank based on authenticated SWIFT transactions. The hackers then distributed the money to what are believed to be phoney business accounts.
Similar to the recent Bangladesh and Vietnam bank attacks, the thieves’ scheme involved the use of the SWIFT messaging platform. Banks use SWIFT’s platform to make financial transfers between each other, and cyber thieves typically send out fraudulent SWIFT messages requesting for funds to be routed to dummy accounts.
In Bangladesh Bank’s case, the thieves used the SWIFT credentials of the institution’s employees to request several transfers to accounts overseas. They got off with $80 million, which would have been much larger if they didn’t misspell the word "foundation." The hackers could have easily accessed the employees’ credentials, because the bank lacked a proper firewall. It’s not clear if that’s also what happened in Ecuador, but the thieves obviously had the same MO.
Read the full article here.