How Hackers Accessed SWIFT to Steal $81 Million & Erase Evidence


      Today's article is about hacking: I will explain how hackers accessed SWIFT to steal $81 million and erase the evidence. The points below walk through how this type of attack unfolds.


  •     SWIFT Alliance Software service
      The attackers gain access through some unknown means and install malware. Malware is software installed to harm someone's system; for example, it can delete files from the computer.

  •     CONFIG FILE gpca.dat
      The installed malware decrypts a config file that contains the important search terms it uses to scan within SWIFT messages.

  •     Exploitation
      The malware identifies and exploits the host's SWIFT application to bypass a validity check within an Oracle DLL.

  •     Confirmation Message
      Confirmation messages from the SWIFT network are now monitored by the malware. This functionality continues in a loop until 06:00 on 6th Feb 2016.

  •     Tampered
      SWIFT messages sent to printer are tampered with in real time.

  •     PRC and FAL
      PRC and FAL files are scanned for attacker-defined terms. On a match, the malware extracts the transfer reference and sender address to form a SQL DELETE statement that deletes the transaction.

  •     Statement
      Messages that contain attacker-defined terms are used to form SQL statements that query the Convertible Currency available and then update transfer amounts.

  •     Logout
      The malware checks the "Login/Logout" status of the journal table every hour and sends the result to an attacker domain over HTTP.
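
Because the PRC and FAL step deletes transactions and the Statement step rewrites transfer amounts, the local database cannot be trusted on its own. The following is an added example, not part of the original article or of any SWIFT software: a reconciliation check that compares local records against an independent copy. The record layout, the sample references and sender addresses, and the existence of an independent source kept off the messaging host are all assumptions made for illustration.

```python
from decimal import Decimal

# Constructed sample data, not taken from the incident. INDEPENDENT stands for
# a record kept off the messaging host (assumption: e.g. a counterparty
# statement); LOCAL stands for what the local database reports.
INDEPENDENT = [
    {"ref": "TRX0001", "sender": "BANKAAXX", "amount": "1500000.00"},
    {"ref": "TRX0002", "sender": "BANKAAXX", "amount": "20000000.00"},
    {"ref": "TRX0003", "sender": "BANKAAXX", "amount": "250000.00"},
    {"ref": "TRX0004", "sender": "BANKBBXX", "amount": "75000.50"},
]
LOCAL = [
    {"ref": "TRX0001", "sender": "BANKAAXX", "amount": "1500000.00"},
    {"ref": "TRX0003", "sender": "BANKAAXX", "amount": "2500.00"},
    {"ref": "TRX0004", "sender": "BANKBBXX", "amount": "75000.5"},
]


def index(records):
    """Key records by (transfer reference, sender address)."""
    return {(r["ref"], r["sender"]): Decimal(r["amount"]) for r in records}


def reconcile(independent, local):
    """Return findings where the local view disagrees with the independent one."""
    ind, loc = index(independent), index(local)
    findings = []
    for key, amount in sorted(ind.items()):
        if key not in loc:
            # Row absent locally: consistent with a deleted transaction.
            findings.append(("MISSING_LOCALLY", key, amount, None))
        elif loc[key] != amount:
            # Decimal comparison ignores formatting such as trailing zeros.
            findings.append(("AMOUNT_MISMATCH", key, amount, loc[key]))
    for key in sorted(set(loc) - set(ind)):
        findings.append(("UNKNOWN_LOCALLY", key, None, loc[key]))
    return findings


if __name__ == "__main__":
    for kind, (ref, sender), expected, seen in reconcile(INDEPENDENT, LOCAL):
        print(f"{kind}: ref={ref} sender={sender} expected={expected} local={seen}")
```

The check is only useful when it runs on a different machine from the one holding the local database, since printed output and local rows on a compromised host can both be altered.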

So here is my article; I hope you like it.