Hacked: Hacking Finance

Breaches

Report: NY Fed Rejected Hackers’ Request Prior to $81 Million Cyberheist

Posted on .

Report: NY Fed Rejected Hackers’ Request Prior to $81 Million Cyberheist

Introduction

This article was posted on Monday, 09:18, UTC.

 The Federal Reserve Bank of New York had initially blocked hackers’ transfer requests that purported to be from the Bangladesh Central Bank, hours before approving $81 million in one of the largest ever singular cyberheists.

// -- Discuss and ask questions in our community on Workplace. Don't have an account? Send Jonas Borchgrevink an email -- //

It was a fateful February day which saw the New York Federal Reserve approve four fraudulent requests to wire a total of $81 million from an account belonging to the Bangladesh Central Bank.

Reuters has now been revealed that the New York Fed had initially rejected 35 requests to transfer the funds from several overseas accounts. The 35 requests for money transfers are speculated to total over a billion dollars.

The publication cites two individuals, an NY Fed official and a senior Bangladesh Bank official who revealed that the Fed had rejected the transfer requests, before eventually fulfilling the resubmitted requests.

// -- Become a yearly Platinum Member and save 69 USD and get access to our secret group on Workplace. Click here to change your current membership -- //

Swift Denials

The NY Fed Reserve denied the transfer requests initially due to poorly formatted requests which weren’t compatible with the SWIFT messaging system. SWIFT has been under the spotlight itself lately, despite repeatedly denying that none of its systems were compromised.

The initially rejected requests had lacked the names of the receiving banks, a fact which counts for a major red flag. The requests came through after hackers had compromised the SWIFT network through the systems in place at the Bangladesh central bank.

Amazingly, the cybercriminals behind the heist resubmitted the same 35 requests and this time – the messages had the proper formatting. Moreover, the same requests were even authenticated by SWIFT.

Also read: Bangladesh Bank Hackers Exploited SWIFT Client Software with Malware

Still, the NY Fed rejected 30 of those requests for a second time, despite approving five – which totaled a cool $101 million. One of those requests were later reversed, due to a misspelling. That request was for a  total of $20 million.

The 30 resubmitted requests were blocked after being flagged for a review of economic sanctions, even before they were seen as potentially fraudulent transactions at a later time.

The official at the Bangladesh Bank noted that the New York Fed ought to have rejected all the transfer requests on both occasions.

A source close to the Southeast Asian bank stated:

Of course, we asked the Fed why the repetition of the names did not create red flags.

“They are saying they rejected 35 badly submitted ones,” the source said. “But when the requests were re-submitted, they “paid 5 of them and stopped 30. Why? They can give no answer.”

Featured image from Shutterstock.

Important: Never invest money you can't afford to lose. Always do your own research and due diligence before placing a trade. Read our Terms & Conditions here.



Feedback or Requests?

Receive New Posts on Email:



Samburaj Das

Samburaj Das

Samburaj is the contributing editor at Hacked and keeps tabs on science, technology and cyber security.

There are no comments.

View Comments (0) ...
Navigation
Major Russian social networking website VK.com has reportedly been breached…