Bangladesh bank hackers fail in bid to net $1bn

Cyberthieves who targeted Bangladesh’s central bank tried to get away with $1bn (£700m), reports Reuters.

Quoting banking officials, the agency said the gang behind the raid used stolen credentials to make requests to transfer cash look legitimate.
If all the requests had gone unchallenged, the gang would have got away with about $1bn.
However, the transfers were stopped when the volume of requests raised suspicions at other banks.
The computer hackers behind the breach are believed to have got away with about $80m – one of the largest known bank robberies in history.
To commit the attack, which took place about a month ago, the gang spent time studying the internal processes of Bangladesh’s central bank so they could convincingly pose as officials when requesting the transfers.
However, said Reuters, the sheer number of transactions and a spelling mistake helped alert bank staff to the theft.
The spelling mistake in the name of one recipient of funds led Deutsche Bank, which was helping route the cash, to ask for clarification from the central bank, which then stopped the transaction.

Legal threat

Around the same time, the Federal Reserve Bank of New York had alerted the Bangladesh central bank to a series of suspicious requests to transfer money. The requests are believed to have been flagged because they were to private accounts rather than other banks and because there were so many of them.
If all the transfer requests had been fulfilled, the thieves would have got away with about $950m.
The $80m the hackers did steal ended up in accounts in Sri Lanka and the Philippines, said Reuters. The central bank has started proceedings to recover the cash.
Bangladesh’s government has publicly blamed the New York Fed for not spotting the suspicious transactions earlier. Earlier this week Bangladesh’s Finance Minister Abul Maal Abdul Muhith said it might launch legal action against the US body to help recover the money.
“The Fed must take responsibility,” he said.
The New York Fed said its system had not been breached by the hackers and added that it was working with Bangladesh’s central bank to investigate what happened.
Security and forensics firm Mandiant is also helping the Bangladeshi investigation into the theft.