$100 Million of Bangladesh Bank Stolen by Using Malware

A private investigators report revealed that hackers who stole over $100 Million from account of Bangladesh in the Federal Reserve Bank of New York last month had been remotely monitoring activity at the Central Bank of South Asian nation for many weeks and might have breached almost 32 computers of the bank.

The thieves posing as officials of Bangladeshi central bank sent dozens of safe messages to the New York Fed in a coordinated and sophisticated cyberattack, which transferred funds owned by Bangladesh from the Fed to Sri Lanka and Philippines bank accounts.

It become more obvious when the BB cordoned off the production server on 6th February by disconnecting all connections of LAN including the Real Time Gross Settlement (RTGS) connectivity following the SWIFT authority advice, which is after 2 days of the robbery worth $101 Million.

Last year, the RTGS was launched by Central Bank in the month of October to expedite instant settlements of online payments. The RTGS is a method of securities or money transferring between two banks in real time; and it is part of a project that is jointly funded by Asian Development Bank and the Government.

Society of Worldwide Interbank Financial Telecommunication based in Brussels, which is a cooperative owned by around 3,000 global financial institutions recognized as Swift, said that it would request customers to assess their internal security in view of the breach in Central Bank of Bangladesh.

As per the report, it has still not been found that how the malware was installed on the PCs, and this has not been disclosed to public also.

FireEye did not recognize suspects in the report, but blamed "an uncategorized threat group". It mentioned that such types of groups are active "within other customer networks in the financial industry, where these threat actors appear to be financially motivated, and well organized".

As per the officials in Dhaka, a new non-governmental organization in Sri Lanka received $20 Million through wire transfer. Nasdaq.com posted on March 21st, 2016, quoting the officials as saying that the bank of Sri Lanka managing the account reported this unusual transaction to the Central Bank of the country under that country's anti-money-laundering laws and then the money was returned to Fed by the authorities.

» SPAMfighter News - 3/28/2016