North Korea, China, India all suspects in $81M Bangladesh bank theft

UPDATE – 6/4, 4:19 p.m. EST: Reuters is reporting that 35 transfer requests from different foreign accounts to withdraw hundreds of millions of dollars from the Central Bank of Bangladesh’s account at the New York Fed in February were originally rejected due to improper formatting. 

Ultimately five of the transfer requests were approved for a total of $101 million, although one was retracted due to a misspelling worth $20 million.

A senior official with the Bangladesh Bank who spoke with the news source said the Federal Reserve Bank should have rejected all requests due to their idiosyncrasies and the fact that the false names on the transfer statements reappeared on the second round of requests after being rejected the first time. 

“Of course, we asked the Fed why the repetition of the names did not create red flags,” the senior official said.

“They are saying they rejected 35 (improperly formatted requests),” the official continued. After their re-submission, however, the Fed “paid five of them and stopped 30. Why? They can give no answer.”

A congressional investigation of the Fed’s role in the theft is already underway by the House Science Committee.

Bangladesh may seek compensation from the New York Fed for the stolen funds.


The FBI in conjunction with the U.S. Attorney’s Los Angeles office has launched an investigation into the theft of $81 million from the Central Bank of Bangladesh in an account held at the Federal Reserve Bank of New York in February.

Last week, U.S.-based software company Symantec and UK-based cyber security firm BAE Systems told media outlets there is evidence that programming code used to disguise the identity of the perpetrators in the Bangladesh case is partially identical to what hackers used to access the online sites of South Korean institutions in 2013, and breach the online data bank at Sony Pictures in 2014.

Programming experts are also linking the Bangladesh bank hack to similar attempts to fraudulently transfer payments out of banks in Vietnam, the Philippines and Ecuador by a team of cyber-criminals called the “Lazarus Group”.

Anonymous federal law enforcement officials have confirmed Symantec and BAE’s suspicions, but a connection with the North Korean government — suspected of carrying out cyber attacks against their southern neighbor and U.S.-based Sony Pictures — has not yet been proven.

An anonymous source told the Daily Mail, contrarily, that the Bangladesh bank’s perpetrators are located in India. 

“Maybe they’re using proxies,” the source said. “That’s why they haven’t found them. They are located directly in the center of India and some are off the coast. They are technically untraceable though.”

What is known is that funds siphoned from the Central Bank were transferred into Philippine accounts. The money was withdrawn shortly thereafter and laundered through at least three casinos in Manila, the country’s capital city.

One of the casino’s operators, Kim Wong, was arrested but not charged with receiving $15 million from two of the suspects who he testified at a senate hearing in Manila recently as being Chinese nationals.

The theft at the New York Federal Reserve and attempt to steal $1 million from Vietnam’s Tien Phong Bank in Dec. 2015, were both done through a breach of the Society for Worldwide Interbank Financial Transactions (SWIFT) system.

SWIFT, based in Brussels, is used by approximately 11,000 banks and other businesses across the world to make payments online and is considered the safest international transfer system on the market.


[CNN] [Daily Mail] [The Independent] [Photo courtesy]