Spelling mistakes worth nearly a billion dollars
A series of illegal transactions worth nearly $1 billion were prevented thanks to a typo in the hackers' online money transfer instructions.
Reuters (US) news agency quoted a source from Bangladesh's central bank officials as saying that the bank blocked a series of illegal transactions worth nearly $1 billion last February thanks to a typo in the hackers' instructions for online money transfers.
Before that, hackers had taken advantage of the situation to steal 80 million USD, one of the biggest bank robberies in history.
The case involves the central bank of Bangladesh and the US Federal Reserve (FED) in New York.
Lost $1 billion due to spelling mistake
Two senior officials of Bangladesh's central bank said hackers penetrated the bank's system and stole credentials to rob the bank of money.
Central Bank of Bangladesh in Dhaka
They then repeatedly sent the Fed dozens of requests to transfer money from the Bangladesh central bank's account at the Fed to institutions in the Philippines and Sri Lanka.
The first four requests to transfer $81 million to the Philippines went through, but the fifth request to transfer $20 million to a Sri Lankan non-profit was suspended because the organization's name was misspelled. Shalika Foundation was typed as Shalika Fandation. The bank that passed through, Deutsche Bank of Germany, asked the central bank of Bangladesh to clarify. There is no non-profit, non-governmental organization in Sri Lanka registered under the name Shalika Foundation.
At this time, the Fed also received from the Bangladesh central bank an unusually large number of payment instructions and requests to transfer money to private organizations - instead of to other banks. The Fed became suspicious and warned the Bangladesh central bank and the details of the online bank robbery with a huge value of 850-870 million USD were clarified and prevented in time.
Bangladesh central bank's current account at the FED has billions of dollars used for international payments.
There may be an inside job.
The incident took place between February 4 and 5, which fell on a Bangladesh central bank holiday.
The Bangladesh government blamed the Fed for not stopping the illegal transactions in time. On March 10, Bangladesh's finance minister said Bangladesh may sue the Fed to claim compensation for the lost money. The Fed said there was no loophole in its banking system and was still cooperating with the Bangladesh central bank to resolve the matter.
More than a month after the incident, Bangladesh’s central bank is still trying to trace and recover the lost money and fix weaknesses in its system. Bank officials are pessimistic that they have little hope of catching the hackers and that if they do recover the money, it could take months.
Cybersecurity experts investigating the incident said the hackers carried out the heists from outside Bangladesh. The hackers were well aware of the internal workings of the Bangladesh central bank, and it is possible that the hacker group had insiders in the bank.
Bangladesh's central bank said it is working with anti-money laundering authorities in the Philippines to recover the missing money.
Bangladesh's central bank suspects the missing money was transferred to casinos in the Philippines. The Philippine gaming regulator and the Philippine Anti-Money Laundering Agency have launched an investigation.
Online bank robberies are not new or rare. In 2015, Russian computer security company Kaspersky Lab said a multinational criminal organization had robbed about $1 billion from 100 banks around the world in two years.
In 2003, Qusay, son of the late Iraqi president Saddam Hussein, withdrew $1 billion from the Iraqi central bank at the direction of his father, one day before the coalition began airstrikes in Iraq, multiple US and Iraqi government officials said. In 2007, the Dar Es Salaam Bank in Iraq also blocked $282 million in illegal online transactions.
According to VOV
| RELATED NEWS |
|---|
