Cyberattacks targeting international banks have seen an alarming rise in recent times, the most notable of which is the Bangladesh Bank hack which saw cybercriminals making off with $81m. Now, a little known lawsuit has disclosed that a bank in Ecuador was also the victim of a similar attack in 2015 which saw cybercriminals stealing around $9m.
As with the Bangladesh Bank heist, the hackers who targeted the Ecuadorian bank Banco del Austro in January 2015, were also able to gain access to the bank's codes for using Swift – the global bank messaging service - after which they transferred the funds to a different bank in another location, the Wall Street Journal reported.
A commercial bank in Vietnam recently claimed to have thwarted an attempt at a fairly similar cyberheist after identifying the transfer requests as fraudulent.
Natasha de Teran, a spokeswoman for Swift, said the firm had not been made aware of the earlier hack and theft. "We need to be informed by customers of such frauds if they relate to our products and services, so that we can inform and support the wider community. We have been in touch with the bank concerned to get more information and are reminding customers of their obligations to share such information with us," she said.
Banco del Austro has filed a lawsuit against Wells Fargo & Co in New York's federal court for failing to identify "red flags" in several transactions in January 2015 and to stop the cybercriminals from transferring around $12m to banks across the globe. The lawsuit claims that of the $12m stolen, most of which was transferred to various banks in Hong Kong, Banco Del Austro was able to recover $2.8m.
However, around $1.5m was transferred to a bank in Los Angeles, while another bank in Dubai was sent around $1m. It is not known what happened to the money after it was sent to banks in Hong Kong.
Although there are similarities in the techniques used in the Ecuadorean bank and the Bangladesh and Vietnam bank hacks, it is still unclear whether a definite connection can be made to the cybercriminals who carried out the attacks. Swift has since asked banks to be more vigilant against cybercriminals.
So far, the lawyers of both Banco del Austro and Wells Fargo are yet to comment on the case.