The head of Bangladesh's central bank, Atiur Rahman, has resigned after cyber-thieves stole more than $100m from the country's foreign currency reserves.
Mr
Rahman submitted his resignation to Prime Minister Sheikh Hasina after
it emerged that unknown hackers had stolen the money from the bank's
account with the Federal Reserve Bank of New York.
The theft happened in February, but Mr Rahman did not tell the government.
Finance Minister A M A Muhith said he had learnt of it from press reports.
According
to media reports quoting banking officials, the gang behind the raid
used stolen credentials to make requests to transfer cash look
legitimate.
If all the requests had gone unchallenged, the gang would have got away with about $1bn.
However, the transfers were stopped when the volume of requests raised suspicions at other banks.
Spelling mistake
To
commit the attack, the gang spent time studying the internal processes
of Bangladesh's central bank, so they could convincingly pose as
officials when requesting the transfers.
However, the sheer number of transactions and a spelling mistake helped alert bank staff to the theft.
The
spelling mistake in the name of one recipient of funds led Deutsche
Bank, which was helping to route the cash, to ask for clarification from
the central bank, which then stopped the transaction.
At about
the same time, the Federal Reserve Bank of New York had alerted the
Bangladesh central bank to a series of suspicious requests to transfer
money. The requests are believed to have been flagged because they were
to private accounts rather than other banks and because there were so
many of them.
The money that the hackers did steal ended up in accounts in Sri Lanka and the Philippines.
Part
of the money was recovered from Sri Lanka, but the rest was laundered
through casinos in the Philippines. The central bank said it was working
with authorities there to recover the remaining amount.
Bangladesh's government has publicly blamed the New York Fed for not spotting the suspicious transactions earlier.
No comments:
Post a Comment