Swift, the interbank messaging system embroiled in one of thelargest cyber heists in history, warned customers that hackers havestruck again, attacking a commercial bank client that it didn'tname.

The details of a second hack follow a cyber theft in February,when more than $80 million was stolen from Bangladesh's account atthe Federal Reserve Bank of New York. Swift last month warned userslast month that it was aware of several similar attacks.

This time, the hackers used malware to target a PDF reader usedby the customer to check its statement messages, Swift said onFriday. A Swift spokesman declined to reveal the name of the bank,but a U.K.-based security firm, BAE Systems Plc, said in a blog post that it believes the second victim is acommercial bank in Vietnam. BAE isn't directly involved in theinvestigation, but analyzed malware samples uploaded to publicrepositories from locations in both Bangladesh and Vietnam andfound a match.

BAE said details in the code from the Bangladesh and Vietnamhacks also match a third breach, the devastating 2014 attack onSony Pictures, which U.S. officials attributed to North Korea. BAEsaid the match indicates that the same hackers may be behind allthree attacks.

“Forensic experts believe this new discovery evidences that themalware used in the earlier reported customer incident was not asingle occurrence, but part of a wider and highly adaptive campaigntargeting banks,” Swift said in a statement. “The attackers clearly exhibit a deep andsophisticated knowledge of specific operational controls within thetargeted banks –- knowledge that may have been gained frommalicious insiders or cyber attacks, or a combination of both.”

In its warning, Swift said customers using PDF readerapplications to check confirmation messages should take particularcare. Hundreds of billions of dollars are moved internationallythrough the Swift system every day.

Investigators examining the theft from Bangladesh's central bankhave uncovered evidence of three hacking groups — including a grouplinked to North Korea — inside the bank's network but say it was anunidentified group that pulled off the heist, people familiar withthe bank's internal investigation said earlier this week. Theattempted theft of almost $1 billion has prompted central banksaround the globe to review defenses against hackers.

The theft investigation has turned into a massive global manhuntinvolving Interpol and the Federal Bureau of Investigation. The FBIsuspects an insider with access to the Bangladesh bank's technologymay have aided in the heist, according to the person briefed on theinvestigation.

“Malicious insiders or external attackers have managed to submitSwift messages from financial institutions' back offices, PCs orworkstations connected to their local interface to the Swiftnetwork,” Swift said. “The modus operandi of the attackers issimilar in both cases.”

Bloomberg

Copyright 2018 Bloomberg. All rightsreserved. This material may not be published, broadcast, rewritten,or redistributed.