Bangladesh central bank boss quits over $100m cyberheist


Bangladesh central bank governor Atiur Rahman has resigned following a cyberheist that saw more than $100 million stolen.

Mr. Rahman told Reuters that the country’s prime minister Sheikh Hasina has accepted the resignation, following the events which took place during the first week of February.

The resignation follows comments from Bangladesh finance minister Abul Maal Abdul Muhith who said he was “very unhappy” with the bank’s handling of the matter, having only learned of the heist via the media a month after it had happened.

The Guardian referred to the incident as “one of the largest cyberheists in history,” and it might have been even more disastrous if not for a spelling mistake.

The criminals are believed to have tried to steal around $1 billion in total, while using stolen credentials to make their transfer requests appear legitimate.

However, a misspelling in the name of the account chosen to receive the funds – as well as the sheer volume of requests – helped alert an intermediary bank to the theft.

A total of around $101 million was moved by attackers to accounts in Sri Lanka and the Philippines, although the Financial Times notes that approximately $20 million of that sum was eventually recovered in Sri Lanka.

The Bangladesh Bank is now working with anti-money laundering authorities to try and recover the rest of the money, while assessing the security of its systems and identifying potential weaknesses.

The Bangladesh government, meanwhile, has blamed the New York Fed for not spotting the suspicious transactions earlier, adding that Fed officials “cannot avoid their responsibility in any way”.

by Kyle Ellison, ESET We Live Security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s