Investigators say that malware made by Islamabad or Pyongyang hacker used in BB heist

The malware behind the mega $80 million hack of Bangladesh Bank was allegedly made by a Pakistani or North Korean hackers according to the Investigators. The investigators in the high profile Bangladesh Bank today said that a malware made by either Pakistani or North Korean hackers were used in stealing US 80 million dollars from Bangladesh Bank account with Federal Reserve Bank of New York.

Mohammed Farashuddin, head of the committee probing the Bangladesh Bank heist, said that malware was installed at the server of the central bank

The investigators also held SWIFT primarily responsible for the hack. SWIFT now is telling that its job is to provide solutions and it is the responsibility of the client to ensure the safety of the system, Mohammed Farashuddin added.

“Okay, I admit that. But if SWIFT or any individual gives any system, it is the provider’s responsibility to supply device to keep the system secure.”

On May 9, SWIFT rejected allegations by Bangladesh officials that technicians with the global messaging system made the nation’s central bank more vulnerable to hacking before an $80 million cyber heist in February.

The remarks were in response to a Reuters story that cited Bangladeshi police and a central bank official as saying that SWIFT technicians introduced security holes into the bank’s network while connecting SWIFT to Bangladesh’s first real-time gross settlement (RTGS) system.

Earlier it was reported that the Bangladesh Bank used second hand $10 routers to power its network and that was believed to have been compromised by the hackers.

There is also a debate going on about actually how much money Bangladesh Bank lost in the hack attack on February 4. The report says that the hackers were actually attempting to steal $950 million but a typo stopped the hack at $101 million. The report says that the hackers were successfully in remittance of advices worth $101 million. Of this $101 million, the Bangladesh Bank got back $20 million because of misspelling of the beneficiary organisation in Sri Lanka and now the amount of missing money stood at $81.16 million.

The preliminary report of the probe findings was submitted to the government on April 20. In the forwarding, the probe committee said the report is final on that part.