A malware-wielding gang has been targeting financial firms' SWIFT software to inject fraudulent money-moving messages since at least January in "discreet campaigns" not tied to the Bangladesh Bank hack, security firm Symantec warns.
The emergence of the targeted attacks, which rely on malware called Odinaff, is bad news for banks that rely on the SWIFT network to send money-moving messages. Symantec reports that the malware includes the ability to alter client-side logs used by SWIFT software. It says the attackers appear to be seeking high-value targets and attempting to avoid discovery, rather than pursuing mass-infection campaigns.
The Society for Worldwide Interbank...(continued)