The central bank of Bangladesh, the SWIFT network and the New York Fed can't evade their responsibility in the reserve heist, said a probe report. This led the then governor to decide not to report the incident to any intelligence agency until March 1.īut after the Inquirer of Manila broke the news on February 29, the whole world came to know about the incident. The Filipino governor said if utmost secrecy about the stealing can't be ensured the wrong-doers might escape and assured Rahman that the whole amount might be retrieved quickly if secrecy can be maintained, Rahman told the probe committee.
Then Governor Atiur Rahman told the probe committee that he talked to Amando M Teranga Junior, then central bank governor of the Philippines, on February 11. Still, the central bank decided to keep it secret. Transferred funds are often available and final when sent.Īrmed with this knowledge, the conspirators sent the unauthorised payment orders after business hours at the start of the weekend in Bangladesh - which is Friday and Saturday in Bangladesh - in an attempt to action the transfers before the New York Fed or Bangladesh Bank could discover the theft, the case document said.īB high-ups came to know about the stealing two days later. Fedwire system transfers are same-day and, in many cases, instantaneous. The conspirators took advantage of certain features of the Fedwire system and timing to accomplish their theft. Hackers usurped the Fedwire system - which is developed and maintained by the Federal Reserve System and used to transfer large-dollar payments among Federal Reserve offices, depository institutions and federal government agencies - to steal funds from the BB's account at the New York Fed by transferring them to correspondent accounts held by RCBC, according to a court document of a case filed by the BB with a New York court. Mandiant's probe showed that the traces to collect information, particularly the SWIFT messages, generated on February 4 were erased. The size of the transaction was unusual, too. Ultimately, the Sri Lankan bank that received that payment order - the Pan Asia Banking Corporation -flagged it because it misspelled the word "Foundation" as "Fundation". Of the amount, $81 million was wired to the Philippines (RCBC branch in Manila) and $20 million to Sri Lanka's Shalika Fundation. While the NY Fed's security system flagged the payment orders, five of them fell through, and $101 million against them was released.
Star stable codes february 2016 password#
Hackers, using the user name and password of a BB official of the accounts and budgeting department, generated 35 SWIFT messages between 8.36pm on February 2016 and 3.59am the following morning and instructed the NY Fed to release around $951.01 million to four beneficiaries through intermediary banks. The criminals chose the day for the hacking wisely: February 5 and 6 were weekends in Bangladesh, February 6 and 7 were weekends in the US and February 6 and 8 were bank holidays for the Chinese New Year in the Philippines.
Star stable codes february 2016 software#
It has the capability to bypass certain software security measures especially related to the BB's SWIFT environment and was rigged to securely erase all traces of activity and self-destruct on Februafter accomplishing its goal, said the probe report quoting a primary report of world-renowned cyber security firm FireEye Mandiant. The malware identified is advanced and custom-designed to operate on servers processing SWIFT transactions. The user ID and password of the two BB officials were compromised after January 24, 2016, the report said.Ī malware was deployed into the SWIFT system on January 19 or 20, 2016 that copied the user ID and password the credentials were later used in hacking and transferring the funds. So, it was not difficult to know about the finger stroke, password and other important codes. The SWIFT official used the user ID and password of two BB officials to work in the system. Then the SWIFT officials also did not inform the BB officials how the link between the SWIFT and the BB-RTGS works. The report raised questions about the visit of a SWIFT official, who worked almost privately on the SWIFT system at the BB. The establishment of the link on August 13 paved the way for the hackers to deploy malware in the SWIFT messaging system as it created scope for any computer of the local area network (LAN) to send SWIFT messages to the New York Fed, according to the probe report. In August 2015, the computers of the BB were connected with the SWIFT network through the Real-Time Gross Settlement (RTGS), which is used to process local transactions and without taking any expert opinion. The root to hack the BB network and its reserves could be traced at least six months before the heist took place.