A basic spelling error cost hackers almost a billion dollars in their attempt to steal money from Bangladesh’s Central Bank, according to reports.
The cyber criminals managed to break through the bank’s internal security and acquire the credentials to transfer millions of dollars to other accounts in the Philippines and Sri Lanka via the Federal Reserve Bank of New York.
While the hackers still managed to transfer roughly $80m (€72m) in more than 30 transfer requests, when they tried to move $20m (€18m) to a non-profit organisation in Sri Lanka, a spelling mistake in the request caught the attention of security.
The mistake – misspelling the word ‘foundation’ as ‘fandation’.
Deutsche Bank, the financial institution overseeing the transfers, ceased the flow of money while checking with the Bangladeshi bankers about the mistake, which raised red flags in the Central Bank and saw red flags raised and the transfers ceased. The volume of money and number of transactions had caught the attention of the New York Fed as well.
According to a banking official, the number of transactions would have added up to almost $870m (€780m).
Having lost €72m to the hackers, the Bangladesh Central Bank is now going after New York Fed to make up its losses, according to Vice.
“The Fed had the responsibility to keep the money safe,” said Shamim Ahamad, press secretary at the Bangladesh Embassy to the US.
“We are suspecting that Chinese hackers have done it,” he added.
Abul Maal Abdul Muhith, the Bangladeshi finance minister, also blamed the New York Fed, telling the Dhaka Tribune, “The fault that caused the hacking was in the Federal Reserve of the United States, so we will file a case in the international court against the US Fed.”
Responding, a spokesman for the Fed refuted the claims from Bangladesh.
“To date, there is no evidence of any attempt to penetrate Federal Reserve systems in connection with the payments in question. There is no evidence that any Fed systems were compromised.”