A Basic Spelling Error Cost These Hackers Nearly $1 Billion
Most spelling mistakes are innocent, fleeting, and only mildly embarrassing. Then there are the ones that result in a loss of over $800 million during a bank heist. Those ones suck.
Reuters reports that a basic spelling error prevented an almost billion-dollar theft from Bangladesh’s central bank last month. Hackers managed to break through the bank’s internal security and made off with the credentials needed to make transfers. They then took that information to the Federal Reserve Bank of New York, where they made more than 30 requests to transfer funds to “entities in the Philippines and Sri Lanka.”
Though about $80 million made it through—making this one of the biggest bank heists on record, according to Reuters—a request to send $20 million to a non-profit organization in Sri Lanka raised red flags.
The reason? Hackers reportedly misspelled “foundation” as “fandation.” Whoops!
Deutsche Bank, which was conducting the transfer, asked the Bangladesh central bank about the mistake, leading to a realization that something was off. Meanwhile, the abundant number of transfer requests to the New York Fed also raised suspicions, and the American wing also contacted the Bangladeshi bank.
According to one official, the money saved added up to between $850 million and $870 million.
Of course, the Bangladesh central bank still lost a painfully large sum of money, and according to Vice, they’re going after the Fed to get it back. “The Fed had the responsibility to keep the money safe,” Shamim Ahamad, the press minister at the American Bangladesh Embassy, told Vice. “We are suspecting that Chinese hackers have done it.”
The country’s finance minister, Abul Maal Abdul Muhith, had even stronger words, according to the Dhaka Tribune. “The fault that caused the hacking was in the Federal Reserve of United States, so we will file a case in the international court against the US Fed,” he said.
The Fed, meanwhile, is basically shrugging. “To date, there is no evidence of any attempt to penetrate Federal Reserve systems in connection with the payments in question,” said a spokesperson said in a statement. “There is no evidence that any Fed systems were compromised.”
Note to hackers (and self): Use spellcheck more often.
Source | Gizmodo