Reply to post: Re: Co-op concerns

Analysts apply Occam's razor to Tesco Bank breach

Wensleydale Cheese

Re: Co-op concerns

"For instance, do you know what customer-side SWIFT terminal used to look like until very recently? ... not hardened, used for mail, web browsing, office docs and, er, seven/eight/nine figure transactions."

It gets worse.

Last week's El Reg article $10m of Bangladeshi SWIFT heist ended up in Filipino Casino

takes us back to April's Meet the malware that screwed a Bangladeshi bank out of $81m,

which in turn leads to BAE Systems Threat Research Blog: Two bytes to $951m,

where we see that all the data files are in the Administrator directory tree.

Oops. Right there in public view, and the BAE report didn't even highlight that as a problem.

Apparently the Bangladeshi systems merited their own secure room, so perhaps weren't subject to malware from general surfing / mail / Office nasties, but really, running something like SWIFT from the Admin account?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2020