Malware: Bangladesh Bank Heist

The recent Bangladesh Bank heist resulted in the theft of $81 million, which was tracked to the Philippines before disappearing in February. The cyber criminals are still at large, leaving everyone wondering whether the failure originated in the bank's cyber security or with bank employees.

Malware was used to monitor bank staff and steal credentials. Hackers then asked members of the New York Federal Reserve to transfer money from the Bangladesh Bank to a bank in the Philippines where four fake accounts were opened in the Manila branch.

The money was withdrawn in a matter of days. Over $50 million was wired to casinos and it was then withdrawn again. The money trail then goes cold because casinos are not required to report financials.

One of the bank employees in the Philippines was arrested and charged with breaking the bank’s cyber security policy and governmental fraud policy by allowing withdrawals of over $1,000 per day, which aided the cyber criminals in their mission to transfer the money to the casinos.

It is clear that the Bangladesh Bank heist was not very complicated, proving that even the simplest attacks can yield devastating results. The questions left unanswered are why the bank was not using strict cyber security protocols, and whether the employee in question had not received proper cyber security training or was a key player in the heist.

“Malware should be detected by the bank, but the problem is that malware nowadays is so advanced,” said Semi Yulianto, an Indonesian white hat hacker and owner of his own cyber security firm. The solution that Indonesian cyber security firms are calling for is simple: employees need to be trained to recognize these sorts of breaches and social engineering tactics.

All international transactions are governed by a bank SWIFT code that identifies the banks in the transactions. The malware used by these cyber criminals faked the SWIFT codes, allowing for 35 transaction orders to be sent to the New York Federal Reserve. To the bank operators there, it seemed as if nothing was wrong. Only five of the transactions were completed because there was not enough information to complete the other 30. The hackers would have made off with over $850 million if all of the transactions were completed, which would have made the Bangladesh Bank heist the most devastating hack of all time.

ERMProtect handles cyber security software, implementation, and employee training for banks around the world. As a leader in the cyber security industry, specializing in financial security, our services could have prevented the Bangladesh Bank heist. To find out if your bank is FFIEC compliant, see ERMProtect’s FFIEC Cybersecurity Tool Based Assessment.
