Malware: Bangladesh Bank Heist

The recent Bangladesh Bank heist resulted in the theft of $81 million, which was tracked to the Philippines before disappearing in February. The cyber criminals are still at large, leaving everyone wondering whether the failure originated in the bank's cyber security or with bank employees.

Malware was used to monitor bank staff and steal credentials. Hackers then asked members of the New York Federal Reserve to transfer money from the Bangladesh Bank to a bank in the Philippines where four fake accounts were opened in the Manila branch.

The money was withdrawn in a matter of days. Over $50 million was wired to casinos and it was then withdrawn again. The money trail then goes cold because casinos are not required to report financials.

One of the bank employees in the Philippines was arrested and charged with breaking the bank’s cyber security policy and governmental fraud policy by allowing withdrawals of over $1,000 per day, which aided the cyber criminals in their mission to transfer the money to the casinos.

It is clear that the Bangladesh Bank heist was not very complicated, proving that even the simplest attacks can yield devastating results. The questions left unanswered are why the bank was not using strict cyber security protocols, and whether the employee in question had not had the proper cyber security training or was a key player in the heist.

“Malware should be detected by the bank, but the problem is that malware nowadays is so advanced,” said Semi Yulianto, an Indonesian white hat hacker and owner of his own cyber security firm. The solution that Indonesian cyber security firms are calling for is simple: employees need to be trained in these sorts of breaches and social engineering tactics.

All international transactions are governed by a bank SWIFT code that identifies the banks in the transactions. The malware used by these cyber criminals faked the SWIFT codes, allowing for 35 transaction orders to be sent to the New York Federal Reserve. To the bank operators there, it seemed as if nothing was wrong. Only five of the transactions were completed because there was not enough information to complete the other 30. The hackers would have made off with over $850 million if all of the transactions had been completed, which would have made the Bangladesh Bank heist the most devastating hack of all time.

ERMProtect handles cyber security software, implementation, and employee training for banks around the world. As a leader in the cyber security industry, specializing in financial security, our services could have prevented the Bangladesh Bank heist. To find out if your bank is FFIEC compliant, see ERMProtect’s FFIEC Cybersecurity Tool Based Assessment.
