What would happen if we tell you that hackers can target a whole country and get away from the crime? You must have heard about individuals or companies getting hacked and losing millions of dollars. But what could be the situation if a country’s central banking system is under such a hack? What could be the repercussions, let’s find out in today’s blog-series, the Bangladesh Bank Heist!
On February 2016, Bangladesh suffered a significant cyber attack on their Banking system.
04th February 2016 (Thursday) at 08:03 PM (Bangladesh Time Zone), when the staffs were off-work, the attack initiated. Hackers, who infected the Bangladesh banking system almost in January 2016 by sending malware via e-mail to the banking employees, who by mistake is believed to have opened this malicious e-mail and the malware injected in the Banking computer systems. Then the malware was able to give the information on working of the Bangladesh Bank.
Once hacked, the hackers sent a total of 35 requests to transfer a total of USD 951 Million via SWIFT (Society for Worldwide Interbank Financial Telecommunications) from the Federal Reserve Bank of New York account belonging to Bangladesh. Out of these 35 requests, only five were successful amounting to about USD 101 Million with USD 20 Million traced to an NGO in Sri Lanka and USD 81 Million of fraudulent bank accounts in the Philippines.
Luckily the hackers made a spelling mistake. Intended to transfer USD 20 Million to an NGO named “Shalika Foundation,” the hackers misspelled it as “Shalika
USD 81 Million were sent to four accounts in the bank named RCBC in the Philippines.
The malware also had a peculiar nature of deleting all the footprints. Thus, when the Deutsche Bank tried contacting the Bangladesh Bank regarding the recipient name error, the e-mails were deleted. The malware checks the SWIFT messaging system and deletes any incoming messages that might alert the bank official about the fraudulent transfers. It also eliminates any confirmation messages before it is sent to the office printer.
Now, since the heist occurred during the off-working hours on 04th February, when the staff return on Friday, 05th February 2016 they saw an empty printer tray and a broken printer which wasn’t unusual. Since Bangladesh is a Muslim country and Fridays are for the prayers, the boss tells the staff for fixing the printer before leaving for Friday prayer. Meanwhile, the money transferred to RCBC Philippines has landed in four fake bank accounts in a small Manilla branch (opened in May 2015 and left unused till the Bangladesh heist). Some of the money was cashed out (approximately USD 426,200), loaded into a car and driven off.
By Saturday, 06th February 2016, the Bangladesh bank employees realized that the SWIFT messages are getting deleted and relied on the printer to print the details of the SWIFT transaction, only to realize the unauthorized transactions being made from the Federal Bank of New York. The Bangladesh Bank then contacted their US counterpart on a Saturday (off-work holiday in the USA) via e-mail, FAX, and calls, however no response from the New York Fed Office. SWIFT remotely fixed the messaging system, and now it’s Monday in Bangladesh, and they realize where all the money has gone.
Bangladesh now sent SWIFT messages to RCBC Philipines to stop any money transactions into those fraudulent accounts and if done already, to freeze the bank accounts. Unfortunately, it’s a public holiday in Philipines, and these messages went unnoticed until Tuesday, 09th February 2016 morning. Also, unusually Bangladesh sent casual messages relating to the heist which piled up in many unread e-mails from holidays. Eventually, by the time RCBC realized about the situations, USD 58.15 Million of the total money was already transferred, and much of it was ending up in Philippine casinos and remaining already taken out in the form of cash. To let you know, the money in casinos are non-taxed and unaccounted. It is to believe that the money was getting exchanged for the casino chips which could be later cashed out.
Out of the total USD 101 Million, only USD 20 Million (transferred to Sri Lanka) and USD 15 Million from the casino junkies could be recovered. Later, after investigations, it was believed to be done by North Korea just like the
If you look at the aftermath, you’d realize the intense planning behind this attack, that lead to the delay in the complete restriction of funds transfer due to various holiday across the three countries the US, Bangladesh, and the Philippines. The planning for this cyber attack was done for over a year, with no one getting caught in the end. Is it just weird or ultra-smart attack? Let us know your thoughts in the comment section.
Liked our BLOG-SERIES of the top Cyber Attacks of the World? Do let us know your views on the same. Also, which Cyber Attack would you like us to release in the next episode. Do let us know! We’d be publishing one episode on every Wednesday and Saturday, subscribe so that you don’t miss any.
To catch the latest updates of this blog series, do follow us on INSTAGRAM and FACEBOOK.
The post Top Cyber Attacks- Blog Series E3 | Bangladesh Bank Heist appeared first on Cyber Crest.
This post first appeared on TOP CYBER ATTACKS- BLOG SERIES E2 | SONY PICTURES HACK, please read the originial post: here
