Bangladesh Heist Linked to Attack on Sony: BAE Researchers

Advertisement
By Reuters | Updated: 13 May 2016 17:31 IST
Malicious software used in February's $81 million heist at Bangladesh Bank is linked to other cyber-attacks, including the high-profile 2014 attack on Sony's Hollywood studio, according to a new report from cyber-security firm BAE Systems.

"What initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign," BAE's cyber-security team said in the report it plans to release on Friday.

Reuters was not able to independently verify the report from BAE, which last month released the first public analysis of malware used in the attack on Bangladesh Bank. BAE, which is not one of the security firms that Bangladesh Bank hired to help with forensics, said it found the malware on its own by combing through repositories that collect samples of malicious files.

Advertisement

Similar malware recently was used to target a Vietnamese commercial bank with fraudulent messages from the Swift money transfer system, which also was used in the Bangladesh hack, BAE said. The distinctive computer code used to erase the tracks of hackers in the bank attacks was similar to code used to attack Sony.

Sony Pictures Entertainment's network was virtually shut down in late 2014 with destructive malware. The attack was followed by online leaks of unreleased movies and emails that caused embarrassment to executives and Hollywood personalities.

Advertisement

BAE did not name the Vietnamese bank, but Swift, the Brussels-based global financial messaging network, disclosed on Thursday that malware had been discovered targeting a new commercial bank. Neither firm said whether funds had been stolen.

The BAE report, which the firm plans to publish on its website, likely will be closely scrutinized because the White House has blamed North Korea for the Sony attack, a charge Pyongyang has rejected.

Advertisement

BAE's head of threat intelligence, Adrian Nish, told Reuters that the company had not determined who was behind the attacks.

The report said the malware used against Bangladesh Bank exhibits "the same unique characteristics" as software used in "Operation Blockbuster," a campaign documented by a coalition of security firms that dates back to at least 2009 and that includes the 2014 Sony breach.

Advertisement

Technical similarities include encryption keys and names of programming elements known as mutual exclusion objects, BAE said in the report.

"They have a very unique approach," Nish said. "The links come through the code, which bears the hallmarks of a single, consistent coder."

BAE said it identified the links between the recent bank hacks and Operation Blockbuster after analyzing tens of millions of malicious file samples.

The report acknowledged that there could be alternate explanations for the similarities.

It is possible that multiple programmers shared the same code, or even that it was painstakingly recreated to confuse investigators, according to BAE.

"Whilst there are possibilities that exist which may lead to alternative hypotheses, these are unlikely," the report said.

© Thomson Reuters 2016

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Redmi Note 17 With an 8,000mAh Battery Debuts at This Price
  2. HMD Asha 505 Render Leaked Revealing Lumia 830-Like Design
  3. Redmi Note 17 Pro Launched With Snapdragon 6s Gen 4 and 9,000mAh Battery
  4. StepFun Unveils StepX Neo as World's First Agentic Smartphone
  5. Nvidia's GeForce Now Cloud Gaming Service Is Finally Available in India
  6. Google Pixel 11 Series Gets Listed on the US FCC Database Ahead of Its Debut
  7. Realme C100x India Launch Date Announced; Here's How Much It Might Cost
  1. Huawei Pura 90s Pro, Pura 90s Pro Max Launched With Kirin 9030S Chip, 6,000mAh Batteries: Price, Features
  2. Redmi Note 17 Launched With 8,000mAh Battery, 50-Megapixel Rear Camera: Price, Specifications
  3. UK Tokenisation Drive May Boost Annual Output by $44 Billion: Report
  4. Redmi Note 17 Pro Launched With Snapdragon 6s Gen 4 and 9,000mAh Battery: Price, Features
  5. Japan’s SBI VC Trade Expands Stablecoin Services With 3 Percent Lending Yield
  6. Meta Pulls Muse AI Image Feature Less Than a Week After User Backlash Highlights Privacy Risks
  7. HMD Asha 505 Surfaces Online With Lumia-Inspired Design, 5-Inch Display in New Leaked Renders
  8. Honor Robot Phone Leak Reveals Key Specifications Ahead of Long-Awaited Debut
  9. Acer Aspire 3 (2026) Launched in India With Up to 15.6-Inch Display, Intel Celeron N4500 Processor: Price, Features
  10. Realme C100x India Launch Date Announced; Leaked Image of Retail Box Hints at Price in India
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.