Bangladesh Bank Heist Linked to 2014 Sony Hack, Cyber Security Firm Claims

“What initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign,” report says

Sony Pictures logo Paul Noble

The malware used in February’s $81 million heist at a Bangladesh Bank is linked to the 2014 Sony hack, according to a new report from cyber security firm BAE Systems.

“What initially looked to be an isolated incident at one Asian bank turned out to be part of a wider campaign,” the press release states, according to Reuters.

While BAE is not one of the security firms Bangladesh Bank hired to help after the heist, the security firm found malware by searching through archives that collect samples of malicious files.

The same malware was used in other cyber attacks as well, according to BAE, including an attack on a Vietnamese commercial bank, presumably making fraudulent transfer requests. A distinctive computer code was used to erase the tracks of hackers in the cyber attacks on the banks as well as on Sony.

The report claimed that the malware used to target the Bangladesh Bank had “the same unique characters” as software used in “Operation Blockbuster,” which was a campaign that dates back to at least 2009 and includes the Sony breach.

Similarities include encryption keys and names of programming elements, according to the report.

In November 2014, a hacker group going by the name of “Guardians of Peace” hacked into the network of Sony Pictures of Entertainment and released confidential data, including personal information about employees, emails between employees, information about executive salaries and copies of then-unreleased Sony films.

The hackers demanded the cancellation of the film, “The Interview,” a comedy about a plot to assassinate North Korean leader Kim Jong-un starring Seth Rogen and James Franco. In an effort to do damage control, Sony quickly pulled the movie, eventually releasing it on Netflix and select theaters. After evaluating the software, U.S. intelligence agencies determined North Korea was the source of the attack.

And in February, hackers issued five successful transactions via the SWIFT network totaling $101 million, withdrawn from a Bangladesh Back account at the Federal Reserve Bank of New York. However, $20 million of thatwas traced to Sri Lanka and has since been recovered. The heist sought to steal $951 million, but the New York bank blocked the remaining transactions amounting to an estimated $850 million.

Adrian Nish, BAE’s head of threat intelligence, told Reuters that the company had not determined who was behind the attacks. BAE also said that their report might be hit with scrutiny given that the White House has pinned the Sony attacks on North Korea.

Comments