The Bangladeshi bank hackers were planning to rule the world by pulling off one of the biggest bank robberies in history. But because of a simple spelling mistake, they got caught. It was reported that around twenty people were involved in the $104 million (US$81 million) heist that targeted the Bangladesh Central Bank.
The malware created by the Bangladeshi bank hackers could have compromised the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a BAE Systems researcher said. SWIFT has confirmed that it is aware of malware trying to corrupt its clients’ software. SWIFT is cooperatively owned by 3,000 financial institutions, Reuters reported.
Natasha de Teran, a SWIFT spokesperson, said that on Monday it would release a software update to thwart the malware. She also gave a special warning for financial organisations to examine their security procedures. SWIFT is used by 11,000 banks and other institutions.
With the help of a piece of malware, evtdiag.exe, the hackers could change the records in SWIFT databases in order to hide their intentions. They could cover their tracks by deleting records of any transfer request, intercepting messages about payments and manipulating the displayed account balances.
BAE has published a blog post on what it has found. However, BAE and SWIFT experts have not revealed how the fraudulent orders were created and pushed through the system.
The thieves gained access to the Bangladesh Central Bank’s SWIFT payment system for the heist. But it was a spelling mistake that led to the discovery of the hackers’ activities before they could transfer $1.2 billion (US$1 billion). Most of the payments were blocked, but $104 million was transferred to accounts in the Philippines and diverted to casinos in the country.
They were able to gain access to the Bangladesh Bank’s computer because of its cheap internet router with no firewall, the BBC reported. The hackers were thus able to exploit this weakness to transfer funds from Bangladesh’s account at the Federal Reserve Bank of New York into other bank accounts.
BAE in its blog revealed, “This malware appears to be just part of a wider attack toolkit and would have been used to cover the attackers’ tracks as they sent forged payment instructions to make the transfers.”
Recently, the US and Canada jointly issued an alert on ransomware. The virus encrypts data and demands payments for unlocking it.