سرقة المليار دولار من بنك بنغلاديش المركزي

قرية العجائب | بدر العلوي

27 Apr 202438:53

Summary

TLDRThe video script details a sophisticated digital heist that took place in 2016, targeting the central bank of Bangladesh. Hackers exploited a holiday weekend to initiate fraudulent transactions through the SWIFT system, stealing nearly a billion dollars. The script explains how the hackers used social engineering to infiltrate the bank's systems, their strategic timing to hinder communication between banks, and the subsequent efforts to trace and recover the stolen funds. The narrative also delves into the involvement of North Korean hacking group Lazarus, the impact of the heist on the global financial system, and the broader implications of escalating digital threats in an increasingly digital world.

Takeaways

😮 In 2016, the Bangladesh Central Bank was targeted in one of the largest digital heists in history, with hackers stealing nearly a billion dollars through the SWIFT system.
💼 The attack was executed by a highly skilled group of hackers, who were able to infiltrate the bank's systems and manipulate international transfer operations.
🕵️‍♂️ The hackers used a combination of social engineering and malware to gain access to the bank's computers and the SWIFT network, demonstrating a deep understanding of the bank's internal operations.
🗓 The timing of the attack was strategic, occurring during weekends and holidays in Bangladesh, the Philippines, and the US, when communication between banks would be disrupted.
💡 The hackers sent job application emails containing malware to bank employees, which when opened, allowed them to spread the virus within the bank's network.
🖨 The bank's printer system was also compromised, preventing the printing of transaction records and delaying the detection of the fraudulent transfers.
🚫 Despite attempts to halt the fraudulent transactions, the bank faced challenges due to holidays and communication failures between the involved banks and authorities.
💰 A significant portion of the stolen funds, $81 million, was transferred to the Philippines, where the hackers had accounts set up to receive the money.
🔄 The remaining funds, $31 million, were held under review by the Federal Reserve Bank of New York due to suspicious activity, highlighting a critical oversight that prevented a complete loss.
🎰 The stolen money in the Philippines was laundered through casinos, where the cash was exchanged for chips and then back to cash, making it untraceable.
🏆 The group behind the attack, known as Lazarus, is believed to be North Korea-backed, with previous attacks on Sony Pictures in 2014 showing similar patterns of operation.

Q & A

What significant event occurred in 2016 at the Bangladesh Bank?
-In 2016, the Bangladesh Bank was subjected to one of the largest heists in digital banking history, where hackers managed to steal nearly a billion dollars through the SWIFT system.
What is the role of SWIFT in international banking transactions?
-SWIFT is a global messaging network that enables banks around the world to communicate with each other to facilitate international financial transactions. It is a secure and standardized system used by most banks globally.
How did the hackers manage to infiltrate the Bangladesh Bank's system?
-The hackers conducted a sophisticated social engineering attack, where they gathered personal information about bank employees from social media, sent them job offer emails containing malware, and infected the bank's computers, eventually gaining access to the SWIFT system.
What was the impact of the malware sent via email on the bank's employees?
-The malware, disguised as a job application CV, was downloaded and opened by several employees, which allowed the virus to spread within the bank's network, capturing screenshots and keystroke logs, ultimately leading to unauthorized access to the SWIFT system.
Why was the bank unable to detect the hackers' activities initially?
-The hackers were very professional in covering their tracks, and the bank's internal security measures were not robust enough to detect the sophisticated attack. Additionally, the bank's switch devices lacked proper security standards, making it easier for the hackers to move within the network.
What was the significance of the timing chosen by the hackers for executing the heist?
-The hackers chose a weekend when banks in Bangladesh, the United States, and the Philippines were on a holiday, which provided them with a window of four days with disrupted communication between banks, allowing them to operate freely.
How did the hackers manage to transfer the stolen money?
-The hackers used the SWIFT system to send fraudulent transfer requests to the Federal Reserve Bank of New York, directing the funds to various accounts in the Philippines.
What was the role of the casino in the Philippines in the money laundering process?
-The casino in the Philippines was used as a front for money laundering. The stolen money was converted into casino chips (fiches), which are then exchanged back into clean cash, making it difficult to trace the original source of the funds.
What complications arose due to the Chinese New Year holiday in the Philippines?
-The Chinese New Year holiday in the Philippines resulted in banks being closed, which delayed the Bangladesh Bank's efforts to communicate with the Philippine bank and freeze the accounts containing the stolen funds.
What was the outcome of the heist and the subsequent investigations?
-The heist resulted in the loss of approximately $81 million, and the subsequent investigations implicated North Korea-backed hacking group Lazarus. However, no arrests were made, and the majority of the stolen funds were not recovered.
What measures could have been taken to prevent such an attack?
-To prevent such attacks, banks should implement robust internal security protocols, regularly update and patch their systems, educate employees about social engineering tactics, and ensure that communication channels between banks are secure and monitored.