The recent cyber attack on Bangladesh's central bank that let hackers steal
over $80 Million from the institution's Federal Reserve bank account was
reportedly caused by malware installed on the bank's computer systems.
A few days ago, reports emerged
of a group of unknown hackers that broke into Bangladesh's central
bank, obtained credentials needed for payment transfers from the Federal
Reserve Bank of New York and then transferred large sums to fraudulent
accounts based in the Philippines and Sri Lanka.
The criminal group was able to steal a total of about $81 Million
from the Federal Reserve's Bangladesh account through a series of
fraudulent transactions, but a typo in a transaction prevented a
further $850 Million heist.
However, the question remained:
How did the hackers manage to transfer $80 Million without leaving any trace?
Security researchers from FireEye's Mandiant forensics unit are helping investigators in Dhaka investigate the cyber heist.
Investigators believe unknown hackers installed some type of malware in
the Bangladesh central bank's computer systems a few weeks before the
heist and observed how to withdraw money from its United States account,
Reuters reports.
Although the malware type has not been identified, the malicious
software likely included spying programs that let the group learn how
money was processed, sent and received.
The malware in question could be a Remote Access Trojan (RAT) or a similar form of spyware that gave attackers remote control of the bank's computer.
The investigators suspect the hack could have exploited a "zero-day" flaw, a vulnerability that is unknown to vendors as well.
After this, the hackers were able to steal the Bangladesh Bank's credentials for the SWIFT messaging system, a highly secure financial messaging system utilized by banks worldwide to communicate with each other.
"SWIFT and the Central Bank of Bangladesh are working together to resolve an internal operational issue at the central bank," Belgium-based SWIFT said in a statement Friday. "SWIFT's core messaging services were not impacted by the issue and continued to work as normal."
Security experts hope that the malware sample will be made available to
the security researchers soon so that they can determine whether the
sample was truly advanced, or if Bangladesh Central Bank's security
protection was not robust enough to prevent the hack.
The Bangladesh Bank discovered weaknesses in its systems that could
take years to repair, though the Federal bank has denied any
system compromise.