Spelling mistakes worth nearly a billion dollars
Nearly $1 billion worth of illegal transactions were prevented thanks to a typo in hackers' online money transfer instructions.
Reuters (US) news agency quoted a source from the central bank of Bangladesh as saying that the bank blocked a series of illegal transactions worth nearly 1 billion USD last February thanks to a typo in the hackers' instructions for online money transfers via the bank.
Before that, hackers took advantage of the situation to steal 80 million USD, one of the biggest bank robberies in history.
The case involves the central bank of Bangladesh and the Federal Reserve Bank of New York.
Missed $1 Billion Due to Spelling Error
Two senior officials of Bangladesh's central bank said hackers had penetrated the bank's system and stolen credentials to rob the bank of money.
Central Bank of Bangladesh in Dhaka
They then repeatedly sent the Fed dozens of requests to transfer money from the Bangladesh central bank's account at the Fed to institutions in the Philippines and Sri Lanka.
The first four requests to transfer $81 million to the Philippines went through, but the fifth request to transfer $20 million to a Sri Lankan non-profit was suspended because the organization’s name was misspelled. The Shalika Foundation was typed as Shalika Fandation. The bank that passed through, Deutsche Bank of Germany, asked the central bank of Bangladesh for clarification. There is no non-profit, non-governmental organization in Sri Lanka registered under the name Shalika Foundation.
At this time, the Fed also received from the Bangladesh central bank an unusually large number of payment instructions and requests to transfer money to private organizations - instead of to other banks. The Fed became suspicious and warned the Bangladesh central bank and the details of the online bank robbery with a huge value of 850-870 million USD were clarified and promptly prevented.
The Bangladesh central bank's current account at the FED has billions of dollars for international payments.
There may be an inside job.
The incident occurred between February 4 and 5, which fell on a holiday for the Bangladesh central bank.
The Bangladesh government blamed the Fed for not stopping the illegal transactions in time. On March 10, the Bangladeshi finance minister said Bangladesh may sue the Fed to recover the lost money. The Fed said there was no loophole in its banking system and was working with the Bangladesh central bank to resolve the matter.
More than a month after the incident, Bangladesh’s central bank is still trying to trace and recover the missing money and fix the weaknesses in its system. Bank officials are pessimistic that they have little hope of catching the hackers and that if they do recover the money, it could take months.
Cybersecurity experts investigating the incident said the hackers carried out the heists from outside Bangladesh. The hackers had a good understanding of the internal operations of the Bangladesh central bank, and it is possible that the hacker group had insiders in the bank.
Bangladesh's central bank said it is working with anti-money laundering authorities in the Philippines to recover the missing funds.
Bangladesh's central bank suspects the missing money was transferred to casinos in the Philippines. The Philippine gaming regulator and the Philippine Anti-Money Laundering Agency have launched an investigation.
Online bank robberies are not new or rare. In 2015, Russian computer security company Kaspersky Lab reported that a multinational criminal organization had stolen about $1 billion from 100 banks around the world in two years.
In 2003, Qusay, the son of the late Iraqi president Saddam Hussein, withdrew $1 billion from the Iraqi central bank at the direction of his father, one day before the coalition began airstrikes on Iraq, multiple US and Iraqi government officials said. In 2007, the Dar Es Salaam Bank in Iraq also blocked $282 million in illegal online transactions.
According to VOV
| RELATED NEWS |
|---|