A cybercriminal plan to steal up to $1 billion from Bangladesh's central bank fell apart over something as simple as a typo.


Cybercriminals were unsuccessful in stealing $1 billion from the central bank, but did manage to steal $81 million before the jig was up. The hackers breached the Bangladesh bank's systems, stealing credentials needed to authorize payment transfers from the country's monetary reserves in the Federal Reserve Bank of New York to fraudulent accounts based in the Philippines and Sri Lanka.

What gave the heist away was a request by the hackers to send the funds to the imaginary “Shalika Fandation” [sic]. The transfer company in routing bank Deutsche Bank where the misspelling was noticed and led to an investigation. Had it not been for the misspelling of Foundation, the hackers might have gotten away with the entire $1 billion.

Deutsche Bank sought clarification from Bangladesh's bank, which immediately stopped the fraudulent transaction. The Fed also separately alerted Bangladesh due to the anomalous number of payment instructions it had received.

Source: SCMagazine