In the Bangladesh Bank Robbery, thieves stole $81 Million from Bangladesh Central bank by hacking and penetrating into international banking network known as SWIFT. SWIFT claims it knew about the malware targeting its client’s private information.
What is SWIFT?
The Society for Worldwide Interbank Financial Telecommunication (SWIFT) provides a network that enables financial institutions worldwide to send and receive information about financial transactions in a secure, standardized and reliable environment.
The majority of international interbank messages use the SWIFT network. As of 2015, SWIFT linked more than 11,000 financial institutions in more than 200 countries and territories, who were exchanging an average of over 15 million messages per day
How did Bank Robbery happen?
On 4th February, unknown hackers used SWIFT credentials of Bangladesh Central Bank employees to send fraudulent money transfer requests to Federal Reserve Bank of New York to transfer close to $1 Billion from Bangladesh’s Bank to bank accounts in Philippines and other parts of ASIA. Hackers successful only managed to transfer $81 Million which is cited as the biggest bank robbery in history.
SWIFT has accepted that it knew about the about the malware targeting its client’s private information.The bank suffered serious security issues with its firewall and aging equipment, which was one of the reasons for this huge bank robbery.
Because of these flaws the hackers were able to get into the banking network and make numerous transactions which were then erased from the records using a malware. This special malware was used to delete the outgoing transactions, erase confirmation messages, change accounts balance logs and even shut a printer down which would take out hard copies of the transactions made the previous night.
The thieves were said to be part of different groups, who did this in a clean way with minimum number of evidences left behind for the security researchers of BAE. When asked about the bank robbery that happened at SWIFT, one of its members Adrian Nish said he had never seen such a case where the criminal has gone to this level that he could even customize the environment they were working in.
The robbery came into the light when the Federal Reserve Bank in New York stopped a transaction to crosscheck due to the spelling errors in it. The hackers had misspelled “foundation” as “fandation”. According to investigations, the thieves had initially planned to steal $1 Billion, but ended up with $81 Million.