Unknown hackers stole 339.5 million roubles ($6 million) from a Russian bank last year in an attack using the SWIFT international payments messaging system, the Russian central bank said.
The disclosure, buried at the bottom of a central bank report on digital thefts in the Russian banking sector, is the latest in a string of attempted and successful cyber heists using fraudulent wire-transfer requests.
The central bank said it had been sent information about “one successful attack on the work place of a SWIFT system operator.”
“The volume of unsanctioned operations as a result of this attack amounted to 339.5 million roubles,” the bank said.
After the report’s publication, a central bank spokesman said hackers had taken control of a computer at a Russian bank and used the SWIFT system to transfer the money to their own accounts.
The spokesman declined to name the bank or provide further details. He quoted Artem Sychev, deputy head of the central bank’s security department, as saying this was “a common scheme”.
A spokeswoman for SWIFT, whose messaging system is used to transfer trillions of dollars each day, said the company does not comment on specific entities.
“When a case of potential fraud is reported to us, we offer our assistance to the affected user to help secure its environment,” said the spokeswoman, Natasha de Teran.
SWIFT says its own systems have never been compromised by hackers.
Brussels-based SWIFT said late last year digital heists were becoming increasingly prominent as hackers use more sophisticated tools and techniques to launch new attacks.
In December, hackers tried to steal 55 million roubles from Russian state bank Globex using the SWIFT system, and digital thieves made off with $81 million from Bangladesh Bank in February 2016.
SWIFT has declined to disclose the number of attacks or identify any victims, but details on some cases have become public, including attacks on Taiwan’s Far Eastern International Bank and Nepal’s NIC Asia Bank.