A spelling mistake in an online bank transfer instruction helped prevent a nearly $1 billion heist last month involving the Bangladesh central bank and the New York Fed, banking officials said.
Unknown hackers still managed to get away with about $80 million, one of the largest known bank thefts in history.
The hackers breached Bangladesh Bank’s systems last month and stole its credentials for payment transfers, two senior Bangladesh Bank officials said.
They then bombarded the Federal Reserve Bank of New York with nearly three dozen requests to move money from the Bangladesh bank’s account there to entities in the Philippines and Sri Lanka, the officials said.
Four requests to transfer a total of about $81 million to the Philippines went through, but a fifth, for $20 million, to a Sri Lankan non-profit organisation got held up because the hackers misspelled the name of the NGO.
The full name of the non-profit could not be learned. But one of the officials said the hackers misspelled “foundation” in the NGO’s name as “fandation”, prompting a routing bank, Deutsche Bank, to seek clarification from the Bangladesh central bank, which stopped the transaction.
Deutsche Bank declined to comment.
At the same time the unusually high number of payment instructions and the transfer requests to private entities – as opposed to other banks – made the Fed suspicious, which also alerted the Bangladeshis, the officials said. For the full article click here
from hacker samurai http://ift.tt/1pi7PT6
via IFTTT
No comments:
Post a Comment