Thread: $100 million missing from Bangladesh's US Fed Reserve Bank account

Bangladesh says it may sue America's Federal Reserve Bank after losing 100 million dollars (£71m) from an account in New York.

Few details were revealed about how the money disappeared, but finance minister AMA Muhith said authorities were considering suing the Fed over the money's apparent transfer to accounts in the Philippines.

Mr Muhith said the US bank had "no way to avoid their responsibility", but i n a statement, the New York Fed said it had not detected any hacking attempts and there was "no evidence that any Fed systems were compromised".

"The payment instructions in question were fully authenticated ... in accordance with standard authentication protocols," the statement said.

The New York Fed said it had been working with the central bank of Bangladesh since the incident occurred "and will continue to provide assistance as appropriate".

The Bangladesh Bank said it managed to recover some of the funds, but gave no details. It has also tracked down those still missing and is working with the anti-money laundering agency in the Philippines, which has been ordered by a court in the country to freeze the accounts while the issue is being investigated.

Bangladesh was also working with World Bank cyber and forensic experts, the bank said.

The Philippine Anti-Money Laundering Council said it was investigating and was committed to "combating money laundering and helping preserve the integrity of the financial system".

The country's leading Bengali-language Prothom Alo newspaper said at least 30 transfer requests were made on February 5 using the Bangladesh Bank's SWIFT code, out of which five succeeded in effecting transfers.

Economist Mamun Rashid, who previously headed Citibank NA in Bangladesh, said he was sure the country would be able to recover the full amount.

"Bangladesh is a client of the Federal Reserve Bank. They must take the responsibility for this incident," he said. "But we have to see whether we have lodged our complaint properly."

Since hacking had been a threat for years, he said clients should not suffer if they were depositing with large banks.

"A client's right must be protected," he added.

Bangladesh threatens to sue Fed over £71m account loss - Independent.ie

Paging Jack Shepard.

Dodgy buggers those Bangladeshis.

Bangladesh central bank governor quits over $81m heist

Dhaka (AFP) - Bangladesh's central bank chief resigned on Tuesday, the finance minister said, after hackers stole $81 million from the nation's foreign reserves in an audacious cyber-heist that has hugely embarrassed the government.

"He called me yesterday and I've asked him to resign. And he has resigned today," minister A.M.A Muhith told AFP, referring to the Bangladesh Bank governor Atiur Rahman.

The theft from an account Bangladesh held with the Federal Reserve Bank of New York has raised alarm over the security of the country's foreign exchange reserves of over $27 billion.

The hackers attempted to steal almost $1 billion and were only prevented from taking more than they did because of a basic typing error, the Bangladesh Bank's deputy governor told AFP last week.

Rahman, an economist, was appointed as the governor of the Bangladesh Bank in 2009 and had been due to retire in August.

His resignation comes after Muhith revealed that he was only informed of the losses around a month after they occurred on February 5.

"Bangladesh Bank had the audacity not to inform me. I am certainly going to take action against it," the minister told reporters on Sunday.

As details of the scandal emerged last week Rahman, 64, flew to India to attend an International Monetary Fund meeting, leaving the more junior central bank officials scrambling to explain how the hackers managed to take such large sums.

Hackers bombarded the New York bank with dozens of transfer requests, and appeared to be trying to exploit gaps in communication between banks at weekends.

They stole $81 million from the account on February 5, transferring the cash electronically to accounts in the Philippines.

The hackers had been attempting to steal a further $850 million, but the bank's security systems and typing errors in some requests prevented the full theft.

Reports said the hackers misspelled the name of a Sri Lankan non-governmental organisation, triggering a check of the request which raised the alarm.

Some of the funds have been recovered and Filipino authorities have frozen the stolen money following court orders, Bangladesh Bank has said. It suspects the hackers were Chinese.

The hack took place on a Friday, when Bangladesh Bank is closed, while the Federal Reserve Bank in New York is closed on Saturday and Sunday.

The US reserve bank, which manages the Bangladesh Bank reserve account, denied its own systems were breached.

Rahman launched a series of populist policies to take bank services to the doorstep of millions of rural poor in Bangladesh.

But his tenure has been marred by a spate of high-profile banking scams in which state-owned banks lost hundreds of millions of dollars in bad loans.

Rahman said the central bank had hired international experts security to prevent a repeat of the incident.

Bangladesh central bank governor quits over $81m heist

Man in Manila gets $30 million cash from cyber heist

Bangladesh's central bank governor resigned on Tuesday over the theft of $81 million from the bank's U.S. account, as details emerged in the Philippines that $30 million of the money was delivered in cash to a casino junket operator in Manila.

The rest of the money hackers stole from the Bangladesh Bank's account at the New York Federal Reserve, one of the largest cyber heists in history, went to two casinos, officials told a Philippines Senate hearing into the scandal.

They said a mix of dollars and Philippine pesos was sent by a foreign exchange broker to the ethnic Chinese junket operator over several days, a haul that would have been made up of at least 780,000 banknotes.

Unknown hackers last month breached the computer systems of Bangladesh Bank and attempted to steal $951 million from its Fed account, which it uses for international settlements. They managed to transfer $81 million to entities in the Philippines.

Bangladesh Bank officials have said there is little hope of apprehending the perpetrators and recovering the money would be difficult and could take months.

In Dhaka, central bank governor Atiur Rahman said he had resigned to set an example in a country where there is little precedence of accountability and to uphold the image of the institution.

The government also fired two deputy governors of the bank, Finance Minister Abul Maal Abdul Muhith said, days after blaming it for keeping the government in the dark about the theft.

Rahman's exit could be a blow to Bangladesh, a South Asian nation of 160 million. The country has been aspiring to reach middle-income status, and Rahman was seen as one of the driving forces helping Dhaka towards that goal.

Under the former development economics professor, the country's foreign exchange reserves have increased four-fold to $28 billion and he also sought to ensure farmers and women entrepreneurs had better access to banking services and credit.

Rahman defended his record at the central bank, saying he was proud of his achievements there.

He described the heist as an "earthquake" and said the bank had promptly informed intelligence agencies in Bangladesh and abroad and also brought in international experts to investigate.

FireEye Inc's (FEYE.O) Mandiant forensics division is helping investigate the cyber heist. The bank has also been in touch with the Fed and other U.S. authorities, including the Federal Bureau of Investigation (FBI) and Department of Justice.

TRAIL ENDS AT CASINOS

Bangladesh Bank is also working with anti-money laundering authorities in the Philippines, where it suspects the stolen $81 million arrived in four tranches.

The Philippines' Rizal Commercial Banking Corp (RCBC) (RCB.PS) said last week it was investigating deposits amounting to just that sum, which were made at one of its branches.

Teofisto Guingona, head of the Philippines Senate's anti-corruption committee, told Reuters the transfers into RCBC were subsequently consolidated into one account and some of the money was converted to pesos.

CCTV cameras at the branch were not functioning when the money was withdrawn, RCBC's anti-money laundering head, Laurinda Rogero, told the Senate hearing.

The president of a foreign exchange broker called Philrem Service Corp, Salud Bautista, told the Senate that her firm was instructed by the bank branch to transfer the funds to a man named Weikang Xu and two casinos.

She said that $30 million went to Xu in cash. Guingona has said Xu was ethnic Chinese and a foreigner, but he was not sure if he was a Chinese national.

A tranche of $29 million ended up in an account of Solaire, a casino resort owned and operated by Bloomberry Resorts Corp (BLOOM.PS). Bloomberry is controlled by Enrique Razon, the Philippines' fifth-richest man in 2015, according to Forbes.

Silverio Benny Tan, corporate secretary of Bloomberry Resorts, told the hearing that the $29 million was transferred into a casino account under Xu's name in exchange for 'dead chips' that can only be cashed in from winnings.

Bautista said a further $21 million went to an account of Eastern Hawaii Leisure Co., a gaming firm in northern Philippines. Reuters tried several phone numbers to seek comment from Eastern Hawaii officials but was unable to reach any.

"Our money trail ended up at the casinos," Julia Bacay Abad, executive director of the Anti-Money Laundering Council, told the open hearing.

She said her agency had frozen 44 accounts connected to the case and had requested assistance from the FBI.

Senator Guingona said that because casinos are not covered by the country's anti-money laundering laws it was not clear if the stolen funds could ever be recovered.

"The paper trail ends there. That is the problem," he said. "Right now we are at a dead end."

Man in Manila gets $30 million cash from cyber heist; Bangladesh central bank governor quits | Reuters

For all that money, it seems as if they give up rather easily. Very fishy, methinks.

The Philippines' Rizal Commercial Banking Corp (RCBC) (RCB.PS) said last week it was investigating deposits amounting to just that sum, which were made at one of its branches.

Teofisto Guingona, head of the Philippines Senate's anti-corruption committee, told Reuters the transfers into RCBC were subsequently consolidated into one account and some of the money was converted to pesos.

CCTV cameras at the branch were not functioning when the money was withdrawn, RCBC's anti-money laundering head, Laurinda Rogero, told the Senate hearing.

Yeah yeah yeah, like there was nothing suspicious about the whole thing from the very beginning.

Thank You

Exclusive: Bangladesh Bank hackers compromised SWIFT software, warning to be issued

The attackers who stole $81 million from the Bangladesh central bank probably hacked into software from the SWIFT financial platform that is at the heart of the global financial system, said security researchers at British defense contractor BAE Systems.

SWIFT, a cooperative owned by 3,000 financial institutions, confirmed to Reuters that it was aware of malware targeting its client software. Its spokeswoman Natasha Deteran said SWIFT would release on Monday a software update to thwart the malware, along with a special warning for financial institutions to scrutinize their security procedures.

The new developments now coming to light in the unprecedented cyber-heist suggest that an essential lynchpin of the global financial system could be more vulnerable than previously understood to hacking attacks, due to the vulnerabilities that enabled attackers to modify SWIFT’s client software.

Deteran told Reuters on Sunday that it was issuing the software update “to assist customers in enhancing their security and to spot inconsistencies in their local database records."

The software update and warning from Brussels-based SWIFT, or the Society for Worldwide Interbank Financial Telecommunication, come after researchers at BAE (BAES.L), which has a large cyber-security business, told Reuters they believe they discovered malware that the Bangladesh Bank attackers used to manipulate SWIFT client software known as Alliance Access.

BAE said it plans to go public on Monday with a blog post about its findings concerning the malware, which the thieves used to cover their tracks and delay discovery of the heist.

The cyber criminals tried to make fraudulent.....

Exclusive: Bangladesh Bank hackers compromised SWIFT software, warning to be issued | Reuters

Originally Posted by Hans Mann

Senator Guingona said that because casinos are not covered by the country's anti-money laundering laws it was not clear if the stolen funds could ever be recovered.

"The paper trail ends there. That is the problem," he said. "Right now we are at a dead end."

Indeed... Wonder how much is going to him and his cronies to come out with such utter shite.

U.S. attorney in Manhattan probes Bangladesh Bank cyber heist: source

The U.S. attorney's office in Manhattan has opened an investigation of the cyber heist of $81 million from Bangladesh Bank's account at the Federal Reserve Bank of New York, a law enforcement source said.

Preet Bharara, the U.S. attorney for the Southern District of New York, is investigating the February crime, in which criminals used the SWIFT fund-transfer network to steal money from Bangladesh's central bank.

Bharara's office declined to comment.

The source spoke on condition of anonymity because he is not authorized to speak publicly.

The investigation by the federal prosecutor comes as the FBI and other government agencies are seeking to guard against other cyber thefts.

The Federal Reserve and other financial regulators last week told banks to review cyber-security protections against fraudulent money transfers in the wake of the Bangladesh Bank heist. The FBI last month privately urged banks to look for signs of attempted cyber thefts.

Last week, an FBI official speaking in Washington said the agency is investigating "a number of different tentacles" but does not yet know who committed the Bangladesh crime. The Bangladesh police and other law enforcement agencies also are investigating the largest known cyber heist from a bank.

A U.S. congressional committee has launched a probe into the New York Fed's handling of the heist.

Thieves in early February hacked into the Bangladesh bank's interface with the SWIFT network and peppered the New York Fed with fraudulent payment instructions. The New York Fed transferred $81 million held by Bangladesh Bank to accounts in the Philippines, where it went missing.

(Additional reporting by David Ingram in Washington)

U.S. attorney in Manhattan probes Bangladesh Bank cyber heist: source | Reuters

I want to know how it can just 'go missing' from the banking system. Even in the Philippines.

Hope they get away with it.