Vietnamese TPBank thwarted $1m Bangladesh Bank style cyber heist
Similar coding and techniques used in Sony, Bangladesh Bank and Vietnamese Bank hacksGetty Images

A bank in Vietnam successfully managed to thwart an attempt made by hackers to pull-off a cyber heist similar to the one on Bangladesh Bank in February. The Tien Phong Bank in Hanoi said on 15 May that the cyberattack targeted a vendor that the bank had previously used to connect to Swift's systems, which the bank has since stopped using.

According to reports, the TPBank had identified a suspicious request made via Swift's messaging system and subsequently contacted all parties involved to stop the transfer of the funds in the fourth quarter of 2015.

Tien Phong Bank said that the attempted cyber-heist "did not cause any losses. It had no impact on the Swift system in particular and the transaction system between the bank and customers in general", Reuters reported.

Meanwhile, Swift published a report on 13 May highlighting that Bangladesh Bank was not the only financial institution to have been attacked by malicious hackers. Although the global financial messaging service firm declined to name the other bank involved, it specified that both banks were targeted with similar malware attacks.

A separate report by security firm BAE Systems backed Swift's claims. The firm found links connecting the recent bank hack to the 2014 Sony cyberattack. The firm's security researchers found that the same codes and deletion routines were used during the 2014 Sony hack as well, which saw a massive data-leak that led the FBI to conclude that North Korean government sponsored hackers were involved in the Sony hack.

"The overlaps between these samples provide strong links for the same coder being behind the recent bank heist cases and a wider known campaign stretching back almost a decade," BAE System's report concluded.

"The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks – knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both," said Swift.