At least three hacker groups, two from Pakistan and North Korea were involved in US$81m Bangladesh bank heist
Investigators have yet to identify the origins of the third hacker group which is thought to be the actual culprit
Investigators examining the theft of US$81 million from Bangladesh’s central bank have uncovered evidence of three hacking groups – including two nation states – inside the bank’s network but said it was the third, unidentified group that pulled off the heist, according to two people briefed on the progress of the bank’s internal investigation.
FireEye Inc, the company hired by the bank to conduct the forensics investigation, identified digital fingerprints of hacking groups from Pakistan and North Korea, the two people said. It hasn’t found enough data to determine whether the third group, the actual culprit, was a criminal network or the agent of another nation.
The twists and turns add to the mystery of who pulled off one of the largest cyber heists in history. The hackers, pairing theft with havoc within the global financial system, used the Swift interbank messaging system to move cash into fake accounts in the Philippines but were discovered before they could complete an attempted transfer totaling US$951 million.
The US Federal Bureau of Investigation suspects an insider with access to the computers at the Bangladesh central bank played a role in the caper, according to the people briefed on the investigation. Police in Bangladesh said they have found negligence within the bank but haven’t determined whether there was any criminal intent.
Spokesmen for Pakistan’s interior and information technology ministries didn’t respond to requests for comments. Telephone and e-mailed requests for comment to North Korea’s delegation to the United Nations went unanswered.
These guys started to lay the groundwork for their hack or their robbery a year ago. It was really well thought through, and they found a very weak link, which they exploited
A year in the making, the hacking scheme ran through the Swift messaging system and the central bank’s accounts at the Federal Reserve Bank of New York, exposing crucial weaknesses in the global financial system. Government officials in the Philippines and Sri Lanka are investigating where the purloined money may have gone. Members of the US Congress have asked for additional information about whether there were lapses in security by institutions duped in the scam.