Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Crime Security The Almighty Buck

Hackers Steal Bank's Crypto Credentials, But Are Foiled By Their Own Typo (reuters.com) 45

New submitter tlambert writes: Unknown persons stole Bangladesh Bank transfer credentials for payments via the international banking system, and then proceeded to start moving money to the Philippines and Sri Lanka. A human foiled the plot after ~$80M had been stolen with another $870M stopped, after they noticed the word 'foundation' misspelled in one of the requests. Bangladesh, meanwhile, is blaming the U.S. Federal Reserve for trusting their credentials. (Note: Bangladesh Bank isn't like Bank of America; it's the country's central bank.)
This discussion has been archived. No new comments can be posted.

Hackers Steal Bank's Crypto Credentials, But Are Foiled By Their Own Typo

Comments Filter:
  • I got nothing to add after the pun in the subject line.

  • RIP (Score:2, Insightful)

    by Anonymous Coward

    A typo the source of an almost $1BILLION mistake? Someone's going to die behind this...

    • Re:RIP (Score:4, Insightful)

      by Noah Haders ( 3621429 ) on Sunday March 13, 2016 @12:34PM (#51689711)

      Maybe they'll be hacked to death by a mob with meat cleavers in public in broad daylight. Oh wait that only happens to bloggers.

    • by Koby77 ( 992785 )
      While the $1 billion theft was prevented, approximately $100 mil was still stolen. Not bad for a heist. Bangladesh is very angry, and will do anything at this point to blame others.
      • The whole point of banking credentials is so you can trust them. If the NSA wants to justify all their spying, this would make a good case to work on.
    • Maybe, but I see something else: Hackers got 80 million that they can reinvest in training (like learning English) so they can be more effective in the future.
  • Modern security especially for this kind of amount of money would really worth having an out of bond validation of money transfer.

    Not taxing transaction does not means that transactions should have non null costs. So de facto the minimal tax that should be imposed to money transactions on the internet MUST be a strong real authentication of the persons out of the internet plan to validate transactions.

    Else, we are just letting frauders have a good incentive to cheat. Especially since the victims are all for

    • by pla ( 258480 )
      especially for this kind of amount of money

      80 million shuffling between central banks amounts to chump change. Even the full billion would barely raise eyebrows (less than 1% of the GDP of Bangladesh).
      • by Anonymous Coward

        Losing 1% of your country's GDP would be a huge deal. That would mean 1 in 100 people being out of a job.

      • by Barny ( 103770 )

        I am sorry, 1% of a country's GDP is ALWAYS a lot of money. Well, except Greece. But for most, transferring such a large sum to a foreign, private destination should be a huge red flag.

  • by NormalVisual ( 565491 ) on Sunday March 13, 2016 @12:49PM (#51689755)
    He always messes up some mundane detail.
  • Bank of America? (Score:4, Informative)

    by darthsilun ( 3993753 ) on Sunday March 13, 2016 @12:49PM (#51689757)

    (Note: Bangladesh Bank isn't like Bank of America; it's the country's central bank.)

    Bangladesh Bank is like the US Federal Reserve; it's the country's central bank.

    fixed that for you.

  • by Adeptus_Luminati ( 634274 ) on Sunday March 13, 2016 @12:56PM (#51689781)

    ... to create a private and permission based blockchain between banks a la R3CEV.COM with so far 46 banks. This way, when the keys get compromised, that hacker can be the richest person in the world.

  • Things that make ya go ohhhhhhhhh! Im guessing the guy/girl who made the typo will be kicked out of their h@ck3r club..haha
    • by rtb61 ( 674572 )

      More like insider job likely with the backing of corrupt intelligence services. Once you get to that level, you are will outside the scope of amateur hackers. By far the majority of high level hacks will be government intelligence contractors (the inherent nature of the people they recruit) and actual government agents, the more corrupt the government the far more likely that is to happen. So pretty much a solid indication of how much private interests must protect themselves from government invasion, espe

  • I fully expected that sentence to end with "they usually know how to spell security".

    Not because I know the BB, but I know the BoA.

  • Follow the money (Score:2, Informative)

    by Anonymous Coward

    Here is what is going on at the receiving end.


  • With credentials for the central bank, they could have collapsed the entire nation. Hell, they were going to steal almost a full 1% of the nation's GDP! 1% might not sound like much, but it would have been devastating.
  • Good thing there wasn't a common security key like the FBI wants !!! :-P

"Don't worry about people stealing your ideas. If your ideas are any good, you'll have to ram them down people's throats." -- Howard Aiken