April 24, 2016

Hackers Attack Bank In Bangladesh, Almost Got $1 billion

[From article]
Hackers involved in one of the biggest bank robberies in history thought they had won the jackpot - until they were caught out by a simple spelling mistake.
Some 20 people are believed to be behind the £60 million heist ($81m), which targeted the central bank of Bangladesh - which has no firewall.
The hackers also attempted to steal a further £600 million ($850m) but were caught out when they spelt 'foundation' as 'fandation'.
If the hackers had used a dictionary, they would have made off with nearly $1 billion.
Leading investigators in the case said the lack of security made the bank an easy target - and also makes it difficult to find out how the hackers operated, and where from.
Cyber criminals broke into Bangladesh Bank's system in early February and tried to make fraudulent transfers totalling $951 million from its account at the Federal Reserve Bank of New York.
Most of the payments were blocked, but $81 million was routed to accounts in the Philippines and diverted to casinos there.
Most of those funds remain missing, and the masterminds behind the heist have yet to be identified.
Bangladesh police said they had identified 20 foreigners involved in the heist but said they appear to be people who received some of the payments, rather than those who initially stole the money.
[. . .]
'You are talking about an organisation that has access to billions of dollars and they are not taking even the most basic security precautions,' said Jeff Wichman, a consultant with cyber firm Optiv.
[. . .]

Tom Kellermann, a former member of the World Bank security team, said the security shortcomings described by Alam were 'egregious,' and that he believed there were 'a handful' of central banks in developing countries that were equally insecure.
[. . .]
When the hackers attempted to steal a further $850 million by bombarding the New York bank with dozens of transfer requests, the bank's security systems and typing errors in some requests prevented the full theft.
The central bank governor, his two deputies and the country's top banking bureaucrat have lost their jobs over the incident and the government has been desperately attempting to contain the damage from the scandal.


Hackers steal $81 million from a Bangladeshi bank with no firewall... and were only caught out when the illiterate fraudsters spelt 'foundation' as 'fandation'
Hackers thought they had made off with $81m jackpot in electronic heist
Targeted the central bank of Bangladesh but were caught out by spelling
The sum was one of the largest amounts stolen from a bank in history
Some 20 people behind the heist and attempted to steal a further $850m
PUBLISHED: 10:37 EST, 23 April 2016 | UPDATED: 04:45 EST, 24 April 2016

No comments: