It was only by coincidence that the central bank of Bangladesh lost not almost a billion, but only a few tens of millions of dollars in a digital theft in early 2016. This emerges from research by the BBC, which traces what happened.
According to the report, the raid, allegedly directed by the “Lazarus Group” from North Korea, was particularly sophisticated, but the largest tranche of the stolen money was to be transferred from the central bank's account at the Federal Reserve Bank of New York to a bank branch on “Jupiter Street” in the Philippine capital Manila. Because “Jupiter” was also the name of an Iranian ship under US sanctions, a check was triggered in New York, thanks to which the theft could be prevented.
$65 million stolen
The theft at the central bank of Bangladesh occurred in early February 2016 and became known in March. Almost $1 billion in SWIFT transfers had been ordered from an account held by the central bank of the Southeast Asian state at the Federal Reserve Bank of New York. Although a large part of it was not lost, thanks among other things to the unexpected check, the central bank is still missing $65 million, writes the BBC. Only a few weeks ago, the US government brought charges against three North Koreans in connection with this digital theft. The FBI has issued wanted notices for them.
As the BBC has now confirmed, the theft had indeed been prepared well in advance and was deliberately carried out on that date. Those responsible were able to penetrate the central bank’s network as early as January 2015 through an email infected with malware. They then reportedly held back and waited for the right time. Late in the evening of February 4th, a Thursday, they reportedly struck and ordered the transfer of almost all of the money in the central bank's account in New York, 951 million US dollars. While the weekend began in Bangladesh, where it runs from Friday to Saturday, the Fed in New York had time to wave the transfers through. The transfers were destined for banks in the Philippines, where a long weekend also included the Monday.
Those responsible had thus made sure that there was enough time to move the money out of reach: only four days after the transfers would work resume at all the banks involved, and by then the money was supposed to be gone. Cyber security expert Rakesh Asthana even speaks of “elegance” to the BBC. The attackers also deliberately disabled the printer at the central bank that prints a receipt for every transaction. When it was working again and the theft became apparent, nobody in New York could be reached. The fact that the attack nevertheless did not succeed was therefore due only to the coincidence involving the address of the target bank in Manila, which had already triggered a check in New York. The plan had instead been for the money to be laundered through casinos in Macau and then brought to North Korea, according to the BBC.