Those $#%$# Idiots At The New York Federal Reserve Allow Hackers To Take $100million From An Account Held For Bangladesh
Hackers Compromise Swift System
Hackers have again gained access to the world’s largest system for transferring funds among banks, a breach the network’s operator said indicates a wide-ranging effort to penetrate the financial system.
The Society for Worldwide Interbank Financial Telecommunication, a cooperative that runs the international messaging system between banks, said the attack targeted a commercial bank and managed to send Swift messages using the bank’s valid codes. It followed the theft in February of $81 million from Bangladesh’s account at the Federal Reserve Bank of New York.
The Bangladesh case provided startling evidence of the vulnerability of parts of the financial system that had been thought highly secure.
The notice by Swift said in both cases its own system wasn’t breached but that hackers accessed the fund-transfer system using the customers’ credentials and malicious software to cover their tracks.
“Forensic experts believe this new discovery evidences that the malware used in the earlier reported customer incident was not a single occurrence, but part of a wider and highly adaptive campaign targeting banks,” Swift said in a notice to banks reviewed by The Wall Street Journal but set to go out Friday.
A spokeswoman for Swift said there were a “few” additional incidents but declined to identify the other institutions involved. The Belgium-based Swift recently notified customers about a “small number of recent cases of fraud at customer firms,” it said in the notice.
The new evidence in question, Swift said, was sophisticated malware that was found by third-party forensic experts, who brought their findings to the messaging company. The attack happened before the Bangladesh theft, a person familiar with the matter said.
That malware was different than that used earlier to attack Bangladesh’s central bank, it added. In February, thieves attempted to siphon nearly $1 billion out of the Bangladesh bank’s account at the New York Fed.
The bulk of the fraudulent payment orders were stopped, but the thieves made off with $81 million that still hasn’t been traced.
The two sets of malware used in the attacks had two things in common, the Swift notice said. One, the attackers exploited the customer’s systems before messages were sent over Swift’s platform.
Secondly, the malware helped the attackers cover their tracks, making it more difficult to identify the fraud.
The newer one identified by Swift attacks a type of computer software for reading files in a “portable document format,” or PDF. The malware is able to read customers’ PDF reports of payment confirmations, manipulate them and then remove traces of any fraudulent instructions, Swift said.
The Wall Street Journal reported this week that the Federal Bureau of Investigation suspected insiders may have helped the attack on Bangladesh Bank, citing people familiar with the matter. Swift similarly emphasized the risk of malicious insiders in its note to banks.
Swift, a member-owned industry cooperative, handles the bulk of world-wide cross-border payment instructions between banks. On average, the company handles 25 million messages each day.
Banks and brokerages relay information to each other through its trusted computer network, confirming the identities of senders and recipients, amounts being transferred, account numbers and intermediary banks.
The breaches raise the prospect that the system isn’t fully secure.
In the case involving Bangladesh Bank, attackers issued 35 fraudulent instructions attempting to divert funds to accounts in the Philippines and Sri Lanka.
At a conference in Miami this month, New York Fed Executive Vice President Richard Dzina said the bank acted on properly authenticated message instructions.
News of the second breach was reported earlier Thursday by the New York Times.
Central Bank Computer Was Hacked To Carry Out $81 Million Heist
A Bangladeshi central bank official’s computer was used by unidentified hackers to make payments via SWIFT, and carry out one of the biggest-ever cyber heists, a Bangladeshi diplomat said on Thursday at the end of a Philippine Senate inquiry.
There were certain indications about who the hackers were, Bangladesh Ambassador John Gomes told a panel looking into how the $81 million in stolen money ended up in the Philippines, citing information shared by the U.S. Federal Bureau of Investigation.
Gomes said the hackers were neither in the Philippines nor in Bangladesh, but he had no other information.
“One of our bank officials who is in the group that makes payments, that passes the payment instructions, his computer was hacked,” Gomes said.
“It was a Friday when the attack happened and the Bangladesh central bank is totally shut down. It was all sealed and no one goes to the bank on that day.”
There was no evidence directly linking anyone in Bangladesh to the February cyber heist, Gomes said.
The hackers sent fraudulent messages, ostensibly from the central bank in Dhaka, on the SWIFT system, to the New York Federal Reserve seeking to transfer nearly $1 billion from Bangladesh Bank’s account there.
Most of the transfers were blocked but about $81 million was sent to a bank in the Philippines. It was moved to casinos and casino agents and much of it is missing.
Ralph Recto, one of the Philippine senators leading the investigation, said in April Chinese hackers were likely to have pulled off the heist, citing a network of Chinese people involved in routing the stolen funds through Manila.
China has dismissed the suggestion.
Bangladesh Bank officials have said they believed SWIFT, and the New York Fed, bear some responsibility for the cyber heist, but SWIFT has rejected the suggestion.
The Philippine inquiry has helped recover $15 million of the stolen funds, but the head of the Philippine anti-money laundering council, Julia Abad, said it would take three to five months before the money, now subject of a forfeiture case, could be returned to Bangladesh.
Senators wrapped up their investigation on Thursday but they were nowhere near finding the truth of what happened as they were hamstrung by the country’s strict bank secrecy laws and as casinos fall outside the ambit of the anti-money laundering law.
Bangladesh Central Bank Found $100 Million Missing After A Weekend Break
Interviews with Bangladeshi officials depict a cyberheist spanning at least four countries.
DHAKA, Bangladesh—On a quiet Friday last month, the Federal Reserve Bank of New York received a series of payment instructions ostensibly from Bangladesh’s central bank requesting the transfer of nearly $1 billion out of an account held by the South Asian country at the New York Fed.
The transfer requests, which the Fed says were “fully authenticated” with the correct bank codes, would move the money to private accounts in the Philippines and Sri Lanka and appeared to come from the Bangladeshi central bank’s servers in the capital, Dhaka.
Only, Friday is the weekend in Bangladesh and the central bank’s offices were closed. By the time officials at Bangladesh Bank, the country’s central bank, returned to work and detected the fraudulent requests, more than $100 million had been stolen from the account at the New York Fed.
Interviews with several officials at Bangladesh’s Finance Ministry and its central bank depict an international cyberheist spanning at least four countries.
Subhankar Saha, a spokesman for Bangladesh Bank, said hackers had transferred $81 million from the New York Fed to bank accounts in the Philippines, while $20 million had gone to a Sri Lankan bank. Other transfers totaling roughly $850 million were blocked after “the American bank raised a money laundering alert,” Mr. Saha said.
A Bangladesh Bank official and an official of the Ministry of Finance said up to 35 transfer requests had been sent to the Fed through an interbank messaging system known as Swift on Feb. 5.
Whoever made the requests had the necessary codes to authorize Swift transfers and put in the payment requests on a weekend, the officials said, speaking on condition of anonymity.
Swift uses a multilayered process to authenticate the financial institutions that are sending and receiving millions of messages each day between one another.
“They knew offices in Dhaka would be closed on Friday and Saturday while offices in New York would be shut on Saturday and Sunday,” the Bangladesh Bank official said. “They were counting on the likelihood that there wouldn’t be any direct communication between the banks over the weekend.”
Five requests totaling about $100 million went through but the rest were blocked by the Fed, according to the officials. The fact that the money was being wired to personal bank accounts in the Philippines rang alarm bells.
The wire transfer of $20 million to Sri Lanka went to the account of a newly formed nongovernmental organization, according to the officials in Dhaka. The Sri Lankan bank handling the account reported the unusual transaction to the country’s central bank under that country’s anti-money-laundering laws and authorities reversed the transfer.
“We have recovered the money that went to Sri Lanka and are working with anti-money-laundering authorities in the Philippines to recover the rest of the funds,” Mr. Saha said. He declined to comment on the nationality of the hackers.
Bangladesh Bank officials said the $81 million that flowed to bank accounts in the Philippines may have passed through several local casinos, citing investigators in Manila.
The Philippines Senate is planning to hold a public inquiry into allegations that casinos may have been used to launder the stolen money.
The Anti Money Laundering Council of the Philippines said the agency couldn’t comment on ongoing investigations.
Bangladesh foreign-currency reserves touched a record $28 billion in February, driven mainly by ready-made garment exports to North America and Europe.
Nearly a third of those reserves is held in liquid form in bank accounts at the Fed and the Bank of England, according to Bangladesh Bank officials.
The New York Fed offers transaction services to about 250 foreign central banks and government-related entities around the world as part of its broader payments services.
Bangladesh’s finance minister, Abul Maal Abdul Muhith, accused the Fed of “irregularities” over the stolen funds this week and said his government might sue to recover the money.
A New York Fed spokeswoman on Thursday declined to comment on the matter, but had said in a statement Tuesday: “To date, there is no evidence of any attempt to penetrate Federal Reserve systems in connection with the payments in question, and there is no evidence that any Fed systems were compromised.
“The payment instructions in question were fully authenticated by the SWIFT messaging system in accordance with standard authentication protocols. The Fed has been working with the central bank since the incident occurred, and will continue to provide assistance as appropriate.”
Cybersecurity experts say the theft of money from the New York Fed using a secure interbank messaging system shows the vulnerability of emerging economies like Bangladesh, where the rapid growth of the banking system has outpaced regulations and security systems.
In February, Bangladeshi police arrested a Ukrainian man who they said was part of an international gang that stole hundreds of thousands of dollars from ATM booths and point-of-sale terminals using counterfeit credit cards.
Bankers Hours Contributes To Breach
The heist is now the focus of probes by the Federal Bureau of Investigation, officials in Bangladesh, lawmakers in the Philippines and the U.S. Congress. A spokeswoman for the FBI declined to comment.
Investigators brought in from computer-security firm FireEye Inc. said in a report that the attackers lurked in Bangladesh Bank’s systems for days, logging keystrokes to get the codes they needed.
Bangladeshi investigators have said the thieves timed their attack to exploit the weekend, which falls on Friday and Saturday in Bangladesh.
The Bangladeshi central bank has questioned why the unusual transfer requests, many asking for money to be routed to personal bank accounts, didn’t ring alarm bells inside the New York Fed before the bank executed five of the 35 payment orders.
Subhankar Saha, a spokesman for Bangladesh Bank, said its investigators are looking into whether the New York Fed followed the correct procedures in releasing funds from its account.
The Fed generally approves authenticated payment orders automatically, people familiar with the matter said. Payments can be halted if they set off money-laundering or sanctions alerts, for example. Others may be reviewed after the fact and recalled if necessary, the people said.
“You’d think the Fed would be more vigilant with suspicious activity,” said Darren Hayes, a professor who studies cybersecurity at Pace University’s Seidenberg School of Computer Science and Information Systems in New York. “People might question why, if they raised their own red flags, more wasn’t done.”
Feb. 4, 2016
By 5 p.m. EST: Federal Reserve Bank of New York approves five of what ultimately became 35 requests from hackers to transfer money from Bangladesh Bank’s accounts. The five approved orders, totaling $101 million, are routed to beneficiaries in Sri Lanka and the Philippines.
5:55 p.m.: New York Fed messages Bangladesh Bank with questions about another 12 of the 35 transfer requests.
11:30 p.m. (10:30 a.m. Friday Bangladesh time): Bangladesh Bank officials find the Swift interbank-messaging terminal unresponsive and can’t access the system.
Feb. 5, 2016
4:09 p.m. and 4:43 p.m. EST: Fed sends new messages to Bangladesh Bank again querying the transfer requests, including four of the five it had put through and 30 it had blocked that day.
Feb. 6, 2016
1:30 a.m. EST (12:30 p.m. Bangladesh time): After correcting a computer problem, Bangladesh Bank sees messages sent by the Fed.
2:31 a.m. to 7:03 a.m. EST: Bangladesh Bank sends three emails and one fax to the New York Fed, trying to get the payments stopped. Messages go unanswered. Bangladeshi officials also call the Fed office in New York several times, to no avail.
Feb. 7, 2016
7:15 a.m. EST (6:15 p.m. Bangladesh time): Bangladeshi officials start up a backup server and see dozens of messages from the Fed asking Bangladesh to reconfirm requests to transfer up to $950 million. By then, $101 million had already been wired out of the account to Sri Lanka and the Philippines.
Feb. 8, 2016
6 a.m. EST (5 p.m. Bangladesh time): Bangladesh Bank sends stop-payment requests via Swift to the New York Fed and four intermediary banks. Later in the day, the Fed sends its own stop-payment requests.
The thieves put the first payment orders through to the Fed using Swift on Thursday, Feb. 4, late in the Bangladeshi day, according to people familiar with those messages. The Fed approved five of the 35 payments later that day, said one person familiar with the messages, processing a total of $101 million in payments.
Fed employees then became suspicious. At 5:55 p.m., they messaged Bangladesh Bank asking for the rationale for a dozen different payment requests, the person said.
As the Fed’s concerns increased the next day, a Friday, it decided to block 30 of the 35 requests made by the thieves. Just before closing for business that afternoon, and heading out for the weekend, Fed staffers sent two more interbank messages asking Bangladesh Bank for additional details, people familiar with the messages said.
The Fed never heard back that day, when most Bangladeshi staff already were off for the weekend.
Officials who work on the Swift system at Bangladesh Bank usually come in for a couple of hours on weekend days to collect and sort messages. They were in the office for about 90 minutes Friday, but left without seeing the Fed’s messages, because they couldn’t start up the Swift terminal due to a computer failure that FireEye said was caused by the hackers.
When they got the terminal running Saturday and saw the Fed’s messages, they sent three emails and a fax asking the Fed to “stop processing all payments until further notice,” according to the Bangladeshi police report on the incident.
Bangladeshi officials said they also tried to call the New York Fed multiple times that day and on Sunday, but nobody answered, according to the report.
It wasn’t until early the following Monday, just after 6 a.m. New York time, that the Fed saw the Bangladeshi messages, people familiar with the matter said. It later sent out orders to stop the payments, they said. By then, it was too late, with all but $68,305 of the $81 million sent to the Philippines gone.
Bangladesh ultimately got back the $20 million routed to the account of a nonprofit in Sri Lanka, but only because a banker there stopped the payment after noticing a misspelling in the recipient’s name. In late March, one of the junket operators in the Philippines returned $4.63 million.
The Philippines last month filed criminal complaints against the two casino-junket operators for allegedly receiving some of the stolen money.
Hackers Lurked In Bangladesh Central Bank’s Servers For Weeks
Cybercriminals used malware, hacking tools and keylogger software to breach system, FireEye report says.
Hackers who last month stole more than $100 million from Bangladesh’s account at the Federal Reserve Bank of New York had been remotely monitoring activity at the South Asian nation’s central bank for several weeks and may have breached as many as 32 computers at the bank, a report from private investigators said.
In a sophisticated and coordinated cyberattack, the criminals, posing as Bangladeshi central bank officials, sent dozens of secure messages to the New York Fed, which transferred funds belonging to Bangladesh from the Fed to bank accounts in the Philippines and Sri Lanka.
The hackers introduced malicious code, known as malware, into the Bangladesh bank’s server, which allowed them to process and authorize the transactions, according to an interim report from FireEye Inc., the Silicon Valley-based cybersecurity firm the Bangladesh Bank hired to probe the Feb. 5 theft.
The report, viewed by The Wall Street Journal, said that in addition to the malware, the cybercriminals deployed hacking tools, including keylogger software that monitors strokes on a keyboard, to steal Bangladesh Bank’s credentials for the Swift system, a closed network used by financial institutions to authorize financial transactions through secure messages.
Brussels-based Society for Worldwide Interbank Financial Telecommunication, a cooperative owned by some 3,000 global financial institutions and known as Swift, said Monday that it would ask customers to review their internal security in light of the breach of Bangladesh’s central bank.
“We reiterate that the SWIFT network itself was not breached. Our priority at this time is to investigate the interim findings and to encourage customers to review and, where necessary, to reinforce their local operating environments,” a Swift spokeswoman said.
FireEye said its investigators have identified malware “with advanced features of command and control,” which was “specifically designed for a targeted attack on Bangladesh Bank to operate on Swift Alliance Access (SAA) servers”—the interface used by the central bank to access the Swift network.
Cybercriminals had monitored the bank’s routine activity through the malware, the report said, allowing them to compose money transfer messages that looked genuine but were intended for accomplices in the Philippines and Sri Lanka.
The malware that allowed hackers to send fraudulent messages through the Swift messaging system could still be in the local network, Bangladeshi officials said.
How the malware was installed on the computers has yet to be determined, according to the report, which hasn’t been made public.
FireEye didn’t identify suspects in the report, instead blaming “an uncategorized threat group.” It said such groups had been active “within other customer networks in the financial industry, where these threat actors appear to be financially motivated, and well organized.”
“The security breach of the Swift environment is part of a much larger breach that is currently under investigation,” the report said.
FireEye investigators have warned Bangladeshi officials that dozens of computers at the central bank may have been breached by hackers leading up to the attack.
The Federal Bureau of Investigation last week joined the hunt for the perpetrators. Bangladeshi police officials met with an FBI team in Dhaka on Sunday. The U.S. investigators would assist with the “transborder elements of the crime,” a senior Bangladeshi police official said.
The U.S. Embassy in Dhaka said the U.S. “stands ready to assist the Government of Bangladesh with its investigation.”
Atiur Rahman, the central bank’s governor, last week resigned after taking “moral responsibility” for the breach of the bank’s operations.
The $81 million that was wired from the New York Fed to the Philippines, according to Bangladeshi and Philippine officials, ended up with at least one local casino and two gambling junket operators via a local businessman’s bank accounts, according to the Philippines’ Anti-Money Laundering Council, a government task force.
Julia Bacay-Abad, executive director of the Anti-Money Laundering Council, said at a hearing in the Philippines Senate that the money apparently had been used to buy gambling chips. Gambling facilities aren’t covered by the Philippines’ Anti-Money Laundering Law.
The wire transfer of $20 million to Sri Lanka went to the account of a newly formed nongovernmental organization, according to the officials in Dhaka. The Sri Lankan bank handling the account reported the unusual transaction to the country’s central bank under that country’s anti-money-laundering laws and authorities returned the money to the Fed, the officials said.
More details emerged Thursday of the brazen theft of tens of millions of dollars from Bangladesh’s account at the Federal Reserve Bank of New York, including the use of allegedly forged bank accounts in the Philippines and testimony about money being bundled into the car of a bank manager.
Cybercriminals in early February attempted to siphon close to $1 billion out of Bangladesh’s account at the New York Fed, Bangladeshi officials have said. Although the sheer volume of attempted transactions raised alarm bells, causing the Fed to block some of the transfers, the thieves managed to funnel $81 million to accounts in the Philippines and $20 million to a bank in Sri Lanka, according to the Bangladeshi officials.
The heist led to the resignation of Bangladesh’s top central banker and several other senior officials.
On Thursday, senators in the Philippines heard testimony about what might have happened to money that entered bank accounts in the country’s Rizal Commercial Banking Corp.
RCBC legal counsel Macel Fernandez-Estavillo and an executive at the bank, Romualdo Agarrado, testified at the Senate hearing in Manila that on Feb. 5 around 20 million pesos ($427,000) was withdrawn from one of the four bank accounts that received the funds. Mr. Agarrado said he saw the money taken to the car of Maia Santos Deguito, Manila branch manager with the bank, by one of the bank’s messengers.
Mr. Agarrado said that when RCBC’s head office implemented a Bangladesh central-bank order to freeze the accounts on Feb. 9, the first day of the workweek, Ms. Deguito ignored it.
Instead, she moved the money to a foreign-currency account opened Feb. 5 under the name of Centurytex Trading, a local brokerage firm owned by businessman William Go, Mr. Agarrado testified.
Philippines Anti-Money Laundering Council records submitted to the Senate show that $15 million of the stolen money on Feb. 5 was remitted from the account to a local money-transfer company called Philrem. Then, about another $66 million of the funds were transferred to Philrem on Feb. 9.
Philrem President Salud Bautista told the hearing that her company processed a total $80.9 million that came from the foreign-currency account of Mr. Go and Centurytex Trading, and that the requests appeared to be regular bank orders.
Ms. Bautista on Thursday said the company was offering a check for 10.47 million pesos ($223,000) to the Bangladeshi representative at the Senate hearings for the fees the company earned from processing the transactions.
Mr. Go denied that the account was his or his firm’s and authorized RCBC to disclose transactions in it to free the bank from violating the country’s bank secrecy law. An investigation carried out by the private firm Truth Verifier Systems Inc. found that the account, and another opened in July 2014 under the businessman’s name, were forgeries, Ms. Estavillo said.
Ms. Deguito has declined to comment on the allegations against her, insisting at the Senate hearings on her right not to incriminate herself. The Philippines’ Anti-Money Laundering Council has filed a criminal complaint against her with the country’s Department of Justice. She agreed to give her version of events to senators in a closed-door hearing.
The money eventually made it into at least one local casino and two gambling junket operators, the Senate hearing heard Tuesday. In previous Senate testimony, Julia Bacay-Abad, executive director of the Anti-Money Laundering Council, said the money apparently had been used to buy gambling chips.
The council’s investigation ended at the casino’s doors, however. Gambling facilities aren’t covered by the Philippines’ Anti-Money Laundering Law.
Meanwhile, in Bangladesh on Wednesday, central-bank officials filed a police report in Dhaka.
The computer terminal that connected Bangladesh’s central-bank computers to the secure interbank messaging system known as Swift was “unresponsive” on Feb. 6, the morning after the theft, a senior official working at the bank’s secure server room said in the police report seen by The Wall Street Journal.
According to the report, Zubair Bin Huda, the senior official in charge of the glass-walled server room—known as the “Dealing Room”—was concerned when a printer connected to the terminal couldn’t print out the interbank messages received during the night.
Mr. Huda said he and other officials went home shortly afterward “since it was the weekend.” Bangladesh’s weekend falls on Friday and Saturday. Mr. Huda couldn’t be reached for comment on Thursday.
It wasn’t until Feb. 7, a Sunday, that the officials started a backup server and manually printed out the messages. The tranche that came out contained up to 35 messages from the New York Fed asking Bangladesh to reconfirm transfer requests of up to $950 million. By then, $101 million already had been wired to the Philippines and Sri Lanka.
The wire transfer of $20 million to Sri Lanka went to the account of a newly formed nongovernmental organization, according to the officials in Dhaka. The Sri Lankan bank handling the account reported the unusual transaction to the country’s central bank and authorities reversed the transfer.
Senior Bangladeshi officials sent urgent messages to the Philippines central bank on Feb. 8 asking it to freeze four accounts at the RCBC where $81 million had flowed, according to the police report.
Bangladesh central-bank officials close to the investigation said the criminals had used malicious code, known as malware, to penetrate its computers. The malware allowed the thieves to monitor the activity and daily routine at the Dealing Room, said one official, who spoke on condition of anonymity.
“They were counting on the likelihood that there wouldn’t be any direct communication between the banks over the weekend,” he said.
A spokeswoman for the New York Fed declined to comment, but previously said the payment instructions the U.S. bank received were “fully authenticated” and there was “no evidence the Fed’s systems were compromised.”
Atiur Rahman, who resigned as governor of Bangladesh Bank, the central bank, on Tuesday, said that the bank was slow to react to the breach because it was a “new and unexpected” challenge. “It took a while to understand what hit us,” he said.
Bangladesh has hired California-based cybersecurity firm FireEye Inc. to spearhead the investigation into the breach. Bryce Boland, FireEye’s chief technology officer for the Asia Pacific region, said: “Whatever the outcome of this investigation, we expect banks will review their security practices.”
Swift has said its core messaging services weren’t affected by the issue and it is working with Bangladesh Bank to “resolve an internal operational issue at the central bank.”
Swift’s terms of service say the customer is responsible for maintaining security on its computers.
DHAKA, Bangladesh—Someone using official codes stole $100 million from Bangladesh’s account at the New York Fed over a recent weekend. Authorities in four countries are still piecing together what happened.
The breach funneled $81 million from the country’s account at the New York Federal Reserve to personal bank accounts in the Philippines. Another $20 million was directed to a bank in Sri Lanka.
In scenes that would be right at home in Hollywood, the unknown criminals sent 35 transfer requests through the Swift interbank messaging system, a Bangladesh Bank official and an official of the Ministry of Finance have said.
Whoever made the requests had the necessary codes to authorize Swift transfers and put in the payment requests on a weekend, the officials said.
The incident has led to recriminations, with Bangladesh’s finance minister accusing the Fed of irregularities, and questions being raised about the quality of security in the South Asian country. In an early sign of fallout from the breach, Bangladesh’s central-bank governor, Atiur Rahman, resigned Tuesday.
Mr. Rahman had come under fire from senior ministers who said he didn’t tell the government about the theft fast enough. Although the theft took place Feb. 5, Bangladesh Bank, the central bank, didn’t make a public announcement until last week. The country’s finance minister, Abul Maal Abdul Muhith, said he learned of the heist from news reports.
On Tuesday, Mr. Rahman, who had been the governor of Bangladesh Bank for nearly seven years, said he was taking moral responsibility for the loss of the money. Two deputy governors of Bangladesh Bank were relieved of their duties, Mr. Muhith said. He didn’t clarify why they were removed. The officials couldn’t be reached for comment Tuesday.
The Fed declined to comment Tuesday. It has said it is working with Bangladesh to investigate the incident and said none of its systems were compromised.
Interviews with several officials at Bangladesh’s Finance Ministry and its central bank depict a well-planned international caper spanning at least four countries.
The breach began on a quiet Friday last month, when a series of payment instructions arrived at the New York Fed seeking the transfer of nearly $1 billion out of the Bangladeshi account.
The transfer requests, which the Fed says were fully authenticated with the correct bank codes, asked to move the money to private accounts in the Philippines and Sri Lanka and appeared to come from the Bangladeshi central bank’s servers in the capital, Dhaka.
But Friday is the weekend in Bangladesh and the central bank’s offices were closed. By the time officials at Bangladesh Bank returned to work, five requests moving about $100 million had gone through.
Further transfers totaling roughly $850 million were blocked after the Fed raised a money-laundering alert, a spokesman for Bangladesh Bank said. The fact that the money was being wired to personal bank accounts in the Philippines rang alarm bells.
The $81 million that did leave the bank for the Philippines ended up in the account of a local businessman before making its way to at least two local casinos, the executive director of the country’s Anti-Money Laundering Council, a government task force, said at a hearing at the Philippine Senate on Tuesday.
Julia Bacay-Abad, executive director of the Anti-Money Laundering Council, said the money had apparently been used to buy gambling chips. The council’s investigation ended at the casino’s doors, however. Gambling facilities aren’t covered by the Philippines’ Anti-Money Laundering Law.
“Manila has returned only $68,000 of the money which was left in the bank accounts,” said a Bangladesh Bank official close to the investigation. “Whoever planned it had thought well ahead.”
The $20 million transferred to Sri Lanka went to the account of a newly formed nongovernmental organization, according to the officials in Dhaka. The Sri Lankan bank handling the account reported the unusual transaction to the country’s central bank under that country’s money-laundering laws, and authorities reversed the transfer.
Swift uses a multilayered process to authenticate the financial institutions that are sending and receiving millions of messages each day between one another. A spokeswoman said the messaging system’s core services hadn’t been affected, and said Swift was working with Bangladesh Bank “to resolve an internal operational issue at the central bank.”
Cybersecurity experts say the theft of money from the New York Fed shows the vulnerability of emerging economies like Bangladesh, where the rapid growth of the banking system has outpaced regulations and security systems.
Bangladesh foreign-currency reserves touched a record $28 billion in February. Nearly a third of those are held in liquid form in bank accounts at the Fed and the Bank of England, according to Bangladesh Bank officials.