The North Korean hackers nearly pulled off a $1 billion heist at Bangladesh Bank

Around 8:30 PM on February 5, 2016, a printer on the 10th floor of Bangladesh Bank began to malfunction. The staff thought the problem was an IT glitch when they discovered it at 8:45 PM. Glitches had occurred before, and the staff did not think too much about it. After the printer was restarted, it started printing messages from the Federal Reserve Bank of New York, where Bangladesh has a US-dollar account. The messages stated that the Fed had received instructions from Bangladesh Bank to drain the entire account.


This was the first indication of a compromised system, and of hackers attempting a bold billion-dollar heist at Bangladesh Bank. The Lazarus Heist was the most daring cyber-attack ever attempted. The hackers eventually made off with USD 81 million.

Two years later, the FBI tracked the heist back to the North Korean hackers known as the Lazarus Group. The BBC’s Geoff White and Jean H Lee report on the story of the heist.

The BBC reports that the hack of Bangladesh Bank took many years of planning and preparation by hackers who were trained under the direct patronage and supervision of the North Korean government and middlemen from across Asia.

Before the heist, the Lazarus Group had been lurking in Bangladesh Bank’s computer networks for over a year. One Rasel Ahlam sent a job application to several employees of Bangladesh Bank in January 2015. The application email invited employees to download a cover letter and CV from a website. Rasel’s identity had been conjured up by the Lazarus Group. An employee of the bank fell for this hoax and downloaded the documents. A virus then infected the system. The hackers were able to get into the bank’s computer systems and began working their way through digital vaults, accumulating large amounts of cash.


Just a few months after the hackers gained access to Bangladesh Bank’s systems, their accomplices opened four accounts at a branch of RCBC, the Philippines’ largest bank. The branch was located next to an eco-hotel and a dentist on Jupiter Street, a busy street in Manila. There were signs of suspicious activity: the driver’s licenses used to open the accounts were fakes, and the applicants all claimed to have the same job title and salary despite working at different companies. However, these signs went unnoticed. The accounts remained idle for months with the initial $500 deposit untouched, while the hackers worked on other aspects of the plan.

The hackers waited a year after the first phishing email reached the bank. They feared being caught while they hid in the bank’s systems for as long as possible, hoping to find a way out of the bank.

Thursday, February 4, 2016 was the day the hackers started their big move. It was Thursday morning in New York. The Fed had plenty of time to carry out the hackers’ instructions while Bangladesh entered its weekend, which falls on Friday and Saturday. By the time Bangladesh Bank’s Dhaka headquarters reopened after being closed for two days, New York had started its own weekend on Saturday. The time difference delayed the discovery of the theft by nearly three days.

Once the Fed had initiated the transfers, the hackers moved the money to accounts in Manila, Philippines. The first day of the Lunar New Year in 2016, a national holiday across Asia, fell on Monday, February 8. The hackers used the opportunity to the fullest and created a five-day plan for getting the money out.

The next phase of the plan began once the hackers had broken into Bangladesh Bank and set up conduits for the money. The printer on the 10th floor was the final obstacle. Bangladesh Bank had set up a paper backup system to keep track of all transactions from its accounts. This record of transactions could easily expose the hackers, so they hacked into the software controlling it and took it out of action. With their tracks hidden, the hackers made $951 million in transactions, almost the entire contents of Bangladesh Bank’s account at the New York Fed.


When Bangladesh Bank discovered the missing money over the weekend, officials tried to figure out what was going on. The bank’s Governor requested the aid of US-based cyber-security expert Rakesh Asthana and his firm, World Informatix. Asthana immediately got to work and was able to determine how far the hack had gone. The thieves had gained access to one of Bangladesh Bank’s key systems, known as Swift. It is the software used by a multitude of banks across the globe to coordinate transfers of large amounts between them. The hackers did not have to exploit a weakness in the system: as far as Swift’s software was concerned, the hackers appeared to be legitimate bank employees.

It soon became clear to Bangladesh Bank’s executives that the transactions could not be reversed. A portion of the money had already arrived in the Philippines, where the authorities informed them that they would need a court order to begin the process of reclaiming the money. Court orders are public documents, so when Bangladesh Bank finally filed its case in February, the details that had been kept private came out into the open.

The RCBC bank branch in Manila to which the hackers attempted to send the USD 951 million was located on Jupiter Street. There are numerous banks in Manila which the hackers could have used; however, they decided to use this one, and it cost them hundreds of millions of dollars.


The word “Jupiter” set alarm bells ringing in the Fed’s computer systems. The transactions were analyzed and the majority of them were blocked. Five transactions, worth USD 101 million, got through. Of that, USD 20 million was sent to a Sri Lankan charity called the Shalika Foundation, which the hackers’ associates had identified as a way to transfer the stolen funds.

The foundation’s founder, Shalika Perera, said that she believed that the money was legitimately given to the charity. But a minor error slowed the hackers’ plan and made the transfer appear fraudulent. The transfer was made out to “Shalika Foundation” with the name misspelled; an attentive bank employee noticed the spelling error and reversed the transaction. But USD 81 million got through. By the time Bangladesh Bank began its efforts to get the money back, the hackers had taken measures to ensure that the money could not be reached.

On Friday, February 5, the four accounts set up the previous year at the RCBC branch on Jupiter Street suddenly became active. The money was moved between accounts, transferred to a firm that deals in currency exchange, converted into local currency and then redeposited at the bank. A portion was then withdrawn in cash.

The thieves launched the next phase of their money laundering operation on the casino floor of the Solaire, one of the most beautiful casino floors in Asia and a frequent destination for mainland Chinese gamblers. Of the $81 million that passed through RCBC, $50 million was transferred into the Solaire and another casino known as the Midas.

The rest of the money was given to a Chinese man identified as Xu Weikang, who is believed to have left the city on a private aircraft and has not been heard from since, according to a Philippines Senate Committee set up to investigate. The casinos were used to break the chain of traceability. Once the stolen funds had been converted into casino chips, gambled at the tables and changed back into cash, it would be difficult for authorities to track them down.


The team was also diligent in securing the funds. Instead of playing in the casinos’ public areas, they rented private rooms and filled them with companions who played at the tables, giving them total control over how the cash was used. The thieves also played Baccarat, a well-known game in Asia and Europe, with the stolen money.

There are only two options in this game. An experienced player can recover 90 percent or more of their stake, which is a great outcome for those involved in money laundering, who typically receive a lower payout. The gamblers were in the casinos of Manila for weeks, cleaning their cash.

In the meantime, Bangladesh Bank was catching up. Bank officials traveled to Manila to trace the money trail. When it came to the casinos, however, the situation got more complicated. At the time, money laundering laws did not apply to casinos located in the Philippines. The money had been deposited by gamblers who were legitimate and had every right to gamble at the tables, which made it nearly impossible to track the laundered funds.

As the money stolen from Bangladesh Bank was laundered through the Philippines and other countries, connections to Macau started to emerge. Macau, a Chinese island enclave similar in appearance to Hong Kong, is known for gambling and is home to some of the most renowned casinos. A number of the people involved in the Solaire gambling activities were traced back to Macau.

Bangladesh Bank officials were able to recover USD 16 million of the stolen money from Kim Wong, one of the people who coordinated gambling excursions at the Midas casino. He was charged, but the charges were later dropped. The remaining USD 34 million, however, was slipping away. According to the investigators, its next stop would be nearer the border of North Korea.


Similar hacks followed the 2016 heist. In May 2017, the WannaCry ransomware virus wiped out victims’ files and then charged the victims a ransom of a few hundred dollars to recover their data. The ransom was to be paid in the cryptocurrency Bitcoin. The National Health Service in the United Kingdom was reported to be particularly hard hit, with emergency rooms affected and crucial cancer treatments having to be rescheduled.

When detectives from the UK’s National Crime Agency began working with the FBI to investigate the case, they found striking similarities with the viruses used to attack Bangladesh Bank, and the FBI later added the incident to the allegations against Park Jin-hyok. According to the FBI’s claims, North Korea’s cyber army was now using cryptocurrency, which largely bypasses the conventional banking system and can avoid costly overheads such as payments to middlemen.

To this day, Bangladesh Bank is still trying to recover the remaining portion of the stolen money, estimated at about USD 65 million. The bank has filed legal actions against a number of individuals and institutions, including RCBC, which denies allegations of breaking the regulations.
