The hackers who attacked Bank of Valletta’s IT systems last month and stole €13 million on 13th February could have tried to keep a ‘back door’ to try to regain access into the system at a later date, the Times of Malta reported.
Files were found hidden in the bank’s systems, which may have been concealed there to allow the hackers to regain access at a later stage, according to sources close to the investigation who spoke to the newspaper.
The hackers used a hacking tool known as PowerShell Empire, which let them move around in the bank’s systems after gaining access.
The Cobalt Gang, an international hacking organisation, is among the lead suspects in the investigation. Cobalt is believed to have stolen as much as €1 billion from banks in as many as 40 countries in recent years.
Cobalt is known for its meticulous planning when studying ATM systems, card processing systems and the international interbank payment messaging system SWIFT before executing attacks.
The group that carried out the siege on BOV was also believed to have targeted another Maltese bank, however their attempts appeared to have been unsuccessful, the sources noted.
New guidelines on banking security are allegedly being drawn up in the wake of the cyberattack.