A cyber security firm said in a report Friday that the malicious software used in the Bangladesh Central Bank heist in February is linked to the 2014 Sony hack attack.
BAE Systems said in a report that the initial hack looked like to be an isolated incident, but further investigations revealed it’s part of a wide-scale campaign. The Bangladesh Central Bank hired BAE to help find out the root cause of the hack attack.
The security firm said similar malware was used to target a Vietnamese commercial bank with fake messages from the SWIFT money transfer system. The same malware was used in the Bangladesh bank hack. The code used to erase the tracks of the brazen hackers was similar to that used in the Sony attack.
Sony Pictures was hit with a massive hack attack in November 2014 with destructive malware. The attack followed online leaks of unreleased movies and emails between the head of company and several Hollywood celebrities.
Reuters reported that the BAE Systems report connecting the malware attack on the Bangladesh Central Bank to the Sony hack attack in 2014 is likely to come with scrutiny because the White House has pinned the Sony attack on North Korea.
The agency said that some of the similarities in the attacks include names of the programming elements and encryption keys used.
Adrian Nish, the head of BAE’s threat intelligence, told Reuters that they’re still unsure who is conducting the attacks.
“They have a very unique approach," he said. "The links come through the code, which bears the hallmarks of a single, consistent coder."
It’s possible that multiple programmers could use the same types of code or they were recreated to confuse investigators.