Investigators have continued to probe similar attacks against other financial services firms, dating back to at least 2013. The attacks involve the messaging system maintained by the Brussels-based, bank-owned cooperative SWIFT. Most of the fraudulent SWIFT heists have involved moving money between a number of banks, sometimes also including money exchange services. In both the Bangladesh Bank attack and the failed attack against Vietnam’s TPBank, the attackers conducted extensive analysis in advance, according to a threat intelligence researcher. The malware is a Trojanized version of a Foxit PDF reader used by some of the targeted organizations.”]
Source: https://www.cuinfosecurity.com/5-swift-cyber-heist-investigations-a-9160