Bangladesh Bank, a commercial bank in Vietnam and ... Sony Pictures are the unlikely bedfellows in a tale of cyber intrigue uncovered by security researchers at BAE Systems.
Researchers Sergei Shevchenko and Adrian Nish have found some links between malware involved in the 2014 attack on Sony Pictures and attacks on two banks involving the theft of credentials for the SWIFT financial transfer network.
The U.S. Federal Bureau of Investigation said North Korea was to blame for the Sony attack (although security experts are divided on the matter).
So is North Korea seeking to boost its foreign currency reserves? Or is someone else conducting a false flag operation -- or just reusing old code?
The link between two pieces of malware used in attacks on Bangalore Bank and on a commercial bank in Vietnam is unambiguous. Shevchenko and Nish decompiled them and found that they used an identical function to wipe a file from an infected computer. The function first fills the file with random characters to ensure nothing can be recovered from the sectors it occupies on the disk, then changes the file's name to a random string before deleting it.