A typo stopped hackers siphoning nearly $1bn out of Bangladesh
New York Federal Reserve: Um, do you really want to send that much to these guys?
Cybercrooks looted more than $80m from Bangladesh’s central bank in one of the largest known bank robberies in history.
Fraudsters used stolen credentials to make illegitimate cash transfers from the Bangladesh government’s reserve account at the Federal Reserve Bank of New York.
The damage could have been even worse. If the requests had gone unchallenged, the bank could have seen losses of close to $1bn.
The attack happened about a month ago but only emerged this week. Bangladesh’s government reportedly blames the New York Federal Reserve Bank for not spotting the suspicious transactions earlier. While the Fed did alert Bangladesh to the unusual number of transaction requests, it confirmed that its own system had not been breached.
At least 30 transfer requests were made on 5 February using the Bangladesh Bank's SWIFT code, out of which five resulted in successful transfers, AP reports, citing Bangladeshi newspaper reports.
If all the transfers had been effected, the thieves would have made off with $950m. However, a spelling mistake in the name of one recipient led Deutsche Bank, which was involved in routing funds, to raise a query. At around the same time, the Federal Reserve Bank of New York flagged up to the Bangladesh central bank the unusual transfer of funds to private accounts.
“Four requests to transfer a total of about $81m to the Philippines went through, but a fifth, for $20m, to a Sri Lankan non-profit organisation, was held up because the hackers misspelled the name of the NGO, Shalika Foundation,” Reuters reports.
The crooks misspelled "foundation" in the NGO's name as "fandation", prompting the query from Deutsche Bank.
At least some of the money was laundered through casinos in the Philippines, the NY Post adds. Bangladeshi and Filipino authorities are working together to freeze suspect accounts and recover funds.
“This latest security breach is likely to send shockwaves around the world’s financial institutions,” said Fidelis Cybersecurity CSO, Justin Harvey. “It’s also worrying that Bangladesh’s central bank is passing blame when, as a financial institution holding vast amounts of funds, it needs to take responsibility for its own security posture.”
“Most importantly it shows how critical it is to protect corporate credentials. Those with powerful access rights within an organisation are an easy target for hackers and, if compromised, this can have a devastating impact on any company – financially and in terms of reputation. Spelling mistakes and an unusual amount of activity are tell-tale signs that something untoward is going on and it begs the question whether these were the first slip-ups of the cyber criminals,” he added. ®