So, how were hackers able to tap into Bangladesh Bank’s US account to steal $1010 million without leaving a trace?
Malware was installed on the computer of the Federal Reserve Bank of New York, according to The Hacker News.
Any transfer from the bank requires a confirmation, but the hackers, still unknown, were able to park the large sums of money in multiple fake accounts in the Philippines and Sri Lanka.
The thieves planned to steal more than $80 million, which they did in several attempts, but a lucky spelling error stopped the transfer of another $850 million.
Security researchers from FireEye’s Mandiant have been assisting investigators in Dhaka in the wake of the worst cyber attack faced by Bangladesh.
The detectives believe special malware was installed in Bangladesh Bank’s computer system several weeks prior to the attack and that the hackers watched how money is transferred from its account at the Federal Reserve, reports Reuters.
The nature of the malware is still unknown but the “malicious software likely included spying programs that let the group learn how money was processed, sent and received”.
It could have been a Remote Access Trojan (RAT) or a similar spyware that allowed the thieves remote access to the bank’s computer.
Investigators also suspect that the hackers might have used a zero-day vulnerability in the system, which is a flaw in software that remains unknown to the vendor until it is exploited.
The hackers then stole credentials used by Bangladesh Bank for the SWIFT messaging system, which banks use to communicate with each other.
The Society for Worldwide Interbank Financial Telecommunication, or SWIFT, is a highly secure messaging network that uses a standardised system of codes to transmit information and instructions between financial institutions.
“SWIFT and the Central Bank of Bangladesh are working together to resolve an internal operational issue at the central bank,” Belgium-based SWIFT said in a statement on Mar 11.
“SWIFT’s core messaging services were not impacted by the issue and continued to work as normal.”
Those investigating the incident said a sample of the malware will soon be handed to security researchers to see if it is ‘truly advanced’ or if the Bangladesh Bank’s system was not strong enough to prevent the attack.
The Federal Reserve continues to deny its system was breached while the Bangladesh Bank said it discovered weaknesses that could take years to repair.
Source: Bd news24