The heist this February is looking more and more like a modern day version of the Michael Caine bank robbery "The Italian Job" . BAE Systems have now uncovered malware tools that allowed the thieves to net $81M of an attempted $951M in funds from the central bank.
The technical details of the attack have yet to be made public, however we’ve recently identified tools uploaded to online malware repositories that we believe are linked to the heist. The custom malware was submitted by a user in Bangladesh, and contains sophisticated functionality for interacting with local SWIFT Alliance Access software running in the victim infrastructure. This malware appears to be just part of a wider attack toolkit, and would have been used to cover the attackers’ tracks as they sent forged payment instructions to make the transfers. This would have hampered the detection and response to the attack, giving more time for the subsequent money laundering to take place. The tools are highly configurable and given the correct access could feasibly be used for similar attacks in the future.