process has the module liboradb.dll loaded in it, it will patch 2 bytes in its memory at a specific offset. The patch will replace 2 bytes 0x75 and 0x04 with the bytes 0x90 and 0x90.
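As an added example (not code from the original report or from any vendor tool), the following Python compares a trusted on-disk copy of a module's code bytes with the same range read from process memory and flags sites where a short conditional jump such as 0x75 0x04 was overwritten with 0x90 0x90. The sample bytes and the names `find_patches` and `PatchSite` are constructed for illustration; acquiring the memory range and excluding relocated addresses is assumed to be done by the caller.

```python
from __future__ import annotations
from dataclasses import dataclass

NOP = 0x90

# Constructed sample bytes, not taken from the real module:
# test eax,eax / jnz +4 / xor eax,eax / jmp +5 / mov eax,1 / ret
DISK_BYTES = bytes.fromhex("85c0750433c0eb05b801000000c3")
MEMORY_BYTES = bytes.fromhex("85c0909033c0eb05b801000000c3")


@dataclass
class PatchSite:
    offset: int          # offset of the first differing byte in the region
    original: bytes      # bytes in the trusted on-disk copy
    observed: bytes      # bytes found in the memory image
    nopped_branch: bool  # heuristic: Jcc rel8 opcode replaced by two NOPs


def find_patches(disk: bytes, memory: bytes) -> list[PatchSite]:
    """Return each contiguous run where memory differs from the disk copy."""
    if len(disk) != len(memory):
        raise ValueError("regions must be the same length")
    sites: list[PatchSite] = []
    i, n = 0, len(disk)
    while i < n:
        if disk[i] == memory[i]:
            i += 1
            continue
        start = i
        while i < n and disk[i] != memory[i]:
            i += 1
        # Jcc rel8 is opcode 0x70..0x7F plus a 1-byte displacement (0x75 = JNZ).
        # Checking two bytes from the run start also covers a displacement
        # that already equalled 0x90 and so did not register as a difference.
        nopped = (0x70 <= disk[start] <= 0x7F
                  and memory[start:start + 2] == bytes([NOP, NOP]))
        sites.append(PatchSite(start, disk[start:i], memory[start:i], nopped))
    return sites


if __name__ == "__main__":
    for site in find_patches(DISK_BYTES, MEMORY_BYTES):
        print(f"offset {site.offset:#x}: {site.original.hex()} -> "
              f"{site.observed.hex()} nopped_branch={site.nopped_branch}")
```

Without a disassembler the opcode test is a heuristic, so a flagged site should be confirmed against the instruction boundaries of the original module.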
SELECT MESG_S_UMID FROM SAAOWNER.MESG_%s WHERE MESG_SENDER_SWIFT_ADDRESS LIKE '%%%s%%' AND MESG_TRN_REF LIKE '%%%s%%';

The MESG_S_UMID is then passed to DELETE statements, deleting the transaction from the local database.

DELETE FROM SAAOWNER.MESG_%s WHERE MESG_S_UMID = '%s';
DELETE FROM SAAOWNER.TEXT_%s WHERE TEXT_S_UMID = '%s';
then sends for printing the 'doctored' (manipulated) copies of such messages in order to cover up the fraudulent transactions. To achieve that, the SWIFT messages the malware locates are read, parsed, and converted into PRT files that describe the text in Printer Command Language (PCL).
noticed the fraudulent transactions
2. SWIFT is calling for an update to the Bank network security
   a. We have made a mandatory software update available to customers to help them enhance their security and to spot inconsistencies in their local database records.
3. Other Banks have been targeted by the same vulnerability as well
4. The Treasurer of RCBC has resigned, and the manager of one of its branches is facing criminal charges after she withdrew $427,000 from an account linked to the theft.
5. Bangladesh Bank chief governor Atiur Rahman resigned from his post