How a hacker’s typo spoiled a billion dollar bank robbery
The Bangladesh central bank came under a very severe hacking attack this month but due to a simple typo made by one of the hackers, nearly a billion dollars were saved from being stolen.
Sometime between the 4th and 5th of February, hackers breached the Bangladesh Bank’s systems, stealing credentials for its payments transfers and managed to get away with nearly $80 million, making it one of the biggest bank heists in history. But shockingly, it could have been the biggest bank heist ever worth a whopping one billion dollars if it were not for a simple spelling mistake in the name of the fake company that the money was being transferred to.
The bank officials have now disclosed that after breaching the bank system and stealing the credentials, the hackers bombarded the Federal Reserve Bank of New York with nearly three dozen requests move money from the Bangladesh Bank’s account there to entities in the Philippines and Sri Lanka. Four requests to transfer a total of about $81 million to the Philippines went through, but the fifth one to transfer $20 million to a Sri Lankan non-profit organization was held up because the hackers misspelled the name of a non-existent NGO, Shalika Foundation, by writing “fandation” instead of “foundation”. This prompted the Deutsche Bank to seek clarification from the Bangladesh central bank, thereby stopping the transaction.
On the other hand, this unusually large number of payment instructions and the transfer requests to private entities- as opposed to other banks – raised suspicions at the Federal Reserve Bank and they alerted the Bangladesh Bank, stopping the attack in its tracks. According to the officials, transactions that were stopped totalled $850-$870 million.
Initially, the central bank was not sure if its system had been breached, but then cyber security experts were brought in and after some investigation, they confirmed the finding of hacker footprints and also pointed out that the attack originated from outside of Bangladesh. The bank is currently working with anti-money laundering authorities in the Philippines and has already managed to recover some of the stolen money.
If the hackers had indeed managed to get away with the terrifyingly large amount of $1 billion, this would have easily been the biggest bank heist in history- let alone a cyber heist. It seems even more worrisome when you consider the fact that all this was done by a few individuals from somewhere outside the country. Cyber attacking is on the rise clearly and recently, Habib Bank Limited of Pakistan has also been suffering from the wrath of cyber hackers, leading to the blocking of thousands of debit cards.