A spelling error stopped a hack from committing a billion dollar bank robbery
A spelling mistake in an online bank transfer instruction became the source of resistance as it prevented nearly $1 billion robbery last month, Bangladesh central bank and the New York Fed, banking officials said.
However, the unknown hackers were still able to get away with about $US80 million by breaking through the bank’s internal security. They then took that information to the Federal Reserve Bank of New York, where they made more than dozens of payment transfer to “entities in the Philippines and Sri Lanka.”
The Fed allowed four requests to go through totaling $81 million to the Philippines. However, the fifth for $US20 million, to a Sri Lankan non-profit organisation didn’t made it because the hackers misspelled the name of the NGO as “foundation” as “fandation.”
Deutsche Bank, which was conducting the transfer, asked the Bangladesh central bank about the mistake, leading to a realization that something was amiss. Meanwhile, the abundant number of transfer requests to the New York Fed also raised suspicions, and the American wing also contacted the Bangladeshi bank.
Once alerted, officials put a stop to the the remaining transfers, which amounted to nearly $850 million. The $81 million theft is still one of the largest ever, but if all the transfers had gone through, it would have go on to become the largest known banks in history.
According to one official, the money saved added up to between $850 million and $870 million.
In order to recover some of the funds that were lost, the Bangladesh government plans to sue the Federal Reserve, the Dhaka Tribune reported.
“The Fed had the responsibility to keep the money safe,” Shamim Ahamad, the press minister at the American Bangladesh Embassy, told Vice. “We are suspecting that Chinese hackers have done it.”
The country’s finance minister, Abul Maal Abdul Muhith, had even stronger words, according to the Dhaka Tribune. “The fault that caused the hacking was in the Federal Reserve of United States, so we will file a case in the international court against the US Fed,” he said.
Meanwhile, the Fed is basically shrugging. “To date, there is no evidence of any attempt to penetrate Federal Reserve systems in connection with the payments in question,” said a spokesperson said in a statement. “There is no evidence that any Fed systems were compromised.”
Last year, Russian hackers reportedly got away with up to $1 billion from 100 banks using malware.