SWIFT -- the Society for Worldwide Interbank Financial Telecommunication -- insisted its own system had not been compromised, but warned that this latest attack was clearly part of a wide-ranging campaign.
It comes months after a multi-milion dollar heist at the Bangladesh central bank.
"Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence but part of a wider and highly adaptive campaign targeting banks," the Brussels-based group said in a letter to clients.
"The attackers clearly exhibit a deep and sophisticated knowledge of specific operational controls within the targeted banks -- knowledge that may have been gained from malicious insiders or cyber attacks, or a combination of both," SWIFT said.
More From This Section
In light of the latest attack, SWIFT called on its customers "as a matter of urgency" to review all their internal controls.
"This includes everything from employee checks to password protection to cyber defences," it said, stressing again that the SWIFT network had not been compromised.
Investigators are still trying to work out how the hackers got into the system in that instance amid growing concerns about bank security and what the diverted funds might be used for.
Many attacks are put down to individuals or companies but state or state-sponsored intruders are believed to be increasingly active, seeking key political and economic information or going further, to disrupt and harm rivals.
Analysts Sergei Schenvchenko and Adrian Nish writing in a blog for BAE Systems said they believed the same hacker was behind both cases, citing an incident at a bank in Vietnam.