Vietnamese bank managed to interrupt $1.1m cyber heist

We shared with y'all last week that following the Bangladeshi bank heist, some other bank was also hit past malware, but it managed to interrupt the cyber heist. Equally speculated past the BAE systems, Vietnamese commercial depository financial institution TPBank has released a statement this weekend confirming an attempted heist, which happened beforethe successful Bangladesh central bank theft.

Vietnamese TPBank foiled a cyber heist in Q4 2022

The global financial messaging network, SWIFT had shared that its network was used to carry out an attack on a commercial depository financial institution, even so, it didn't mention the name of the affected bank. Following the argument by SWIFT, we besides saw a report coming from a security research business firm who, while investigating the People's republic of bangladesh central bank heist discovered that another bank was also hit by malware using like strategies. Security researchers at BAE had said that this 2nd bank affected by cyber heist was a commercial banking company in Vietnam.

Now, Vietnam'south Tien Phong Bank (TPBank) has released a statement saying that it interrupted the attempted theft of approximately $one.one million. Vietnamese banking company was also hit using fraudulent SWIFT letters, with techniques similar to those employed in the successful heist of $81 million from the People's republic of bangladesh Primal Bank. The set on took place at the end of 2022, and this seems to be first public acknowledgement of the attempted heist. Following TPBank's statement, the State Bank of Vietnam is reportedly investigating the attempted depository financial institution theft.

How the criminals tried to steal $1.1 million from TPBank

We have already shared with our readers that this specific grouping of criminals targeting banks seems to either hire services of bank employees or remain inside the network long enough to larn about the vulnerable points. In the Bangladeshi bank heist, the group knew they had to interfere with the printer to validate transfers whereas in the 2nd set on it used a PDF malware, confirming that they had a articulate understanding of the different transfer validation methods used by the banks.

Vietnamese bank has said that the transfers were made using the infrastructure of an outside vendor. This vendor was hired to connect TPBank to the SWIFT bank messaging system. TPBank recognized the suspicious SWIFT messages attempting to transfer $1.1 million and was able to forbid these transfer by immediately contacting all the involved parties. While the statement doesn't name this 3rd-party vendor, the banking concern confirms to accept switched to a new system offering a higher level of security while connecting to SWIFT directly.

Last week, SWIFT in its warning alphabetic character to members had said that the then unnamed Vietnam banking concern uses PDF files to validate transactions, which was manipulated past hackers to remove traces of their fraudulent transactions. While the depository financial institution in its statement refers to malware and a 3rd-political party vendor, it doesn't refer to the PDF malware which was shared in SWIFT's letter.

Since TPBank was attacked at the terminate of final year and Bangladesh's central bank heist didn't happen until this February, it is unknown if SWIFT was aware of the start attempted cyber heist using its messaging network. As SWIFT hasn't yet fabricated any annotate on TPBank'southward statement, it is unclear if TPBank informed SWIFT of this attempted depository financial institution theft, in which case SWIFT would have been able to warn other clients.

TPBank, founded by a top engineering house, is considered 1 of the near technologically savvy banks in Vietnam. "Just final week it was received the "All-time Internet Banking" prize from The Asian Broker,"Reutersreported.