Tool: BanSwift| Names | BanSwift | |
| Category | Malware | |
| Type | SWIFT malware | |
| Description | The money was stolen through fraudulent SWIFT transactions, though the SWIFT system itself was not compromised, and malware (Trojan.BanSwift) was used to cover the attackers’ tracks. | |
| Information | <https://medium.com/threat-intel/lazarus-attacks-wannacry-5fdeddee476c> <https://www.anomali.com/blog/evidence-of-stronger-ties-between-north-korea-and-swift-banking-attacks> <https://baesystemsai.blogspot.com/2016/04/two-bytes-to-951m.html> | |
Last change to this tool card: 25 May 2020
Download this tool card in JSON format
Previous: Bankshot
Next: BARBWIRE
| Changed | Name | Country | Observed | ||
APT groups | |||||
 | Lazarus Group, Hidden Cobra, Labyrinth Chollima |  | 2007-Dec 2020  |  | |
1 group listed (1 APT, 0 other, 0 unknown)
|
Thailand Computer Emergency Response Team (ThaiCERT) Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1234 | |
 |
report@thaicert.or.th | |
 |
Download PGP key | |