Cyber Crime

Bangladesh says hackers stole $100 Million from its US Federal Reserve account

Unknown hackers have stolen more than $100 million from the Bangladesh Bank account at the US Federal Reserve Bank.

According to Bloomberg, the Bangladesh’s Finance Minister Abul Maal Abdul Muhith is accusing the U.S. Federal Reserve for the theft of at least $100 million stolen from the Bangladesh’s account. Bangladesh is threatening the US for a legal fight to retrieve the funds, explained Muhith in a press conference held in Dhaka on Tuesday. The central bank of Bangladesh declared the funds had been stolen from an account by hackers, the experts had traced some of the missing funds in the Philippines.

“We kept money with the Federal Reserve Bank and irregularities must be with the people who handle the funds there,” Muhith said. “It can’t be that they don’t have any responsibility.”

While the central bank of Bangladesh is blaming Chinese hackers, the Federal Reserve is denying the security breach of security took place.

On Monday, a spokeswoman for the US Federal Reserve Bank of New York confirmed there was no evidence of a security breach, neither that the Bangladesh Bank account had been hacked.

The Fed spokeswoman clarified that every payment follows standard protocols and is authenticated by the SWIFT message system used by financial institutions

“To date, there is no evidence of any attempt to penetrate Federal Reserve systems in connection with the payments in question, and there is no evidence that any Fed systems were compromised,” said New York Fed spokeswoman Andrea Priest.

Currently, the US Fed and the Bangladesh Government are investigating the incident.

The Bangladesh’s central bank has about $28 billion in foreign currency reserves, according to the country’s Prothom Alo newspaper, at least 30 transfer requests were made on February 5 using the Bangladesh Bank’s SWIFT code. Five transfers were successfully completed.

How is possible?

Difficult to say because there aren’t details on the event. It is likely hackers breached Bangladesh Bank in early February stealing credentials for payment transfers, then they used the credentials to order transfers out of a Federal Reserve Bank of New York account held by Bangladesh Bank.

Anyway it is a complex hack, attackers had a deep knowledge about Bangladesh Bank’s procedures for ordering transfers, likely they spied on Bangladesh Bank staff to gather the information.

Other incidents involved the US Feds in the past, in 2014 a British citizen was accused of hacking its servers and leaking sensitive data.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – US Federal Reserve, security breach)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

13 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

20 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.