Posted by Robert Vamosi on March 11, 2016
Criminal hackers looking to steal roughly a billion dollars from a bank in Bangladesh were stopped by a common mistake: a spelling error. Although smaller transfers between the Bangladesh central bank and the Federal Reserve Bank of New York did go through, a large transfer of between $850-$870 million was stopped at a transfer bank, Deutsche Bank, which noticed the error. Some of the money was intended for a possibly fictitious non-profit organization, the Shalika Foundation. On the transfer request the criminal hackers misspelled foundation as “fandation,” which prompted a review by the Deutsche Bank of the that and other recent transactions from Bangladesh.
According to the Routers news service, the Bangladesh Bank has said it has recovered some of the money that was stolen, however, it may sue the Federal Reserve Bank of New York for letting the earlier transactions go through. “The Fed must take responsibility,” Bangladesh Finance Minister Abul Maal Abdul Muhith said.
An initial cybersecurity investigation suggests that criminal hackers outside of Bangladesh compromised the system there and stole its credentials for payment transfers.
Get the latest Software Integrity news, thought leadership, and more.