SWIFT, the provider of a network that moves hundreds of billions of dollars daily worldwide, said hackers used malware to target bank funds in recent cyberattacks, one of which resulted in an $81 million theft.
On Feb. 4, hackers used the SWIFT messaging system of Bangladesh's central bank to submit 35 payment requests to the Federal Reserve Bank of New York, transferring $101 million to bogus accounts in the Philippines' Rizal Commercial Banking Corporation and a Sri Lanka-based financial institution.
The New York Fed became suspicious and denied 30 of the requests, but not before the release of $81 million to a foreign exchange broker.
"The malware used in the earlier reported customer incident was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks," the Belgium-based SWIFT said in a letter to clients.
The second heist reportedly involved Vietnam's Tien Phong Commercial Joint Stock Bank, the financial institution said in a statement.
SWIFT, which facilitates secure and standardized communication among more than 11,000 banking and securities organizations, revealed that in both instances attackers exploited vulnerabilities in the banks' funds transfer initiation environments, before the messages were sent over SWIFT. The attackers bypassed the primary risk controls in place and initiated the irrevocable funds transfer process. The hackers also found ways to tamper with the statements and confirmations sometimes used as secondary controls, thereby delaying the victims' ability to recognize the fraud.
SWIFT assured customers that its network, core messaging services and software were not compromised.
"In the earlier case we reported to you, and this particular case we can confirm that: Malicious insiders or external attackers have managed to submit SWIFT messages from financial institutions' back offices, PCs or workstations connected to their local interface to the SWIFT network. The modus operandi of the attackers is similar in both cases," SWIFT said in its letter.
In the newer case, SWIFT learned that cyberthieves used malware to target the PDF reader application used by customers to read user-generated PDF reports of payment confirmations.
"The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks, knowledge that may have been gained from malicious insiders or cyberattacks, or a combination of both," Morey Haber, vice president of technology at the Phoenix-based BeyondTrust, said. "The hackers allegedly learned from internal resources what systems need to be attacked, whom to contact, and what vulnerabilities should be leveraged. The art of the hack then became a simple exploit to exercise due to the insider threat."
Haber also pointed out that the insiders leaked critical information to make the heist occur quickly and successfully.
"Basically this is the same problem as the last attack," Ricardo Villadiego, CEO of the Doral, Fla.-based Easy Solutions, said. "The security of the whole system is as secure as the weakest link."
Villadiego compared it to phishing attacks in which cyberthieves steal money from customer accounts without actually breaching the financial institution's security.
"Similarly, once credentials to the SWIFT system are compromised, the security controls embedded into the SWIFT network are meaningless for the security of the systems," he said. "The fraudulent transactions will be securely progressed within the SWIFT network."
Anthony James, vice president of marketing for the San Mateo, Calif.-based TrapX, added, "The Bangladesh Bank cyberheist exemplifies how hackers continue to breach perimeter and endpoint security to successfully infiltrate organizations."
He noted employees should know that clicking on a malicious email link or attachment is a sure way to give a cyberattacker a foothold.
"Once inside, attackers pretty much have free rein to move about laterally through the network, stealing data, diverting funds and compromising additional machines as they go, often not being detected until it is too late," James said.