Hackers posed as job seekers to carry out central bank heist

A group of hackers had been trying to hack Bangladesh Bank's reserve since 2014. They sought to control the computer network of Bangladesh Bank (BB) by emailing job applications to Bangladesh Bank and the commercial banks. A zip file named 'resume' was attached to these emails. These zip files were packed with malwares which are very detrimental computer programs.

Nathan P. Shields, Special Agent, Federal Bureau of Investigation (FBI) has found this information through inquiries. The hackers took the control of the central bank's computer connected with SWIFT. This is how the hackers stole 8 crore 10 lakh US dollars (680 crore taka) from Bangladesh Bank's reserve. SWIFT stands for Society for Worldwide Interbank Financial Telecommu-nication.

The hackers got hold of the money from Bangladesh Bank's reserve by sending a false request to the SWIFT. FBI and US Attorney Office filed a complaint with the California District Court on 8th June 2018. A hearing over the allegation was held on 6th September. North Korean citizen Park Jin Hyok has been held responsible for this occurrence. Park Jin has been charged with the cyber attacks on Sony Corporation and some other firms.

FBI found the involvement of the hackers with Bangladesh Bank reserve heist while investigating cyber crimes in various countries. To quote a few words from Nathan P. Shields' findings on Park Jin Hyok "In the period shortly before the cyber-attacks discussed in this Affidavit, Park was stationed in a Chinese border city working for Chosun Expo, a North Korean government front company for a North Korean hacking organization sometimes known as Lab 110".

The allegations of 179 pages submitted by FBI say that Sony Corporation of USA came under cyber attack in October 2014. The same hackers group had the aim to steal money from the banks of Bangladesh by online fraud.

The hackers sent emails to Bangladesh Bank in February and October 2015 from four different addresses. The internet protocol or IP address of the email was located in North Korea.

FBI officer Nathan P. Shields further stated that, "The hackers were able to gain access to Bangladesh Bank's computer terminals that interfaced with the SWIFT communication system, and then craft, authenticate, and send SWIFT messages that appeared to be authentic and originating from Bangladesh Bank's own computer system.

Each of those SWIFT messages directed the Federal Reserve Bank of New York ("FRBNY") to transfer funds from Bangladesh Bank's account held in U.S. dollars there to the specified accounts in the Philippines (and Sri Lanka) via specific U.S. correspondent banks."

Ten emails came to 16 officials of Bangladesh Bank on 29 January 2015. All these emails contained job applications and curriculum vitae in the attached files which actually carried malwares.

Another two emails came to ten officials of the central bank on 23rd February. The hackers also sought to communicate with BB officials through facebook. The hackers proposed to research on Bangladesh Bank through online hiding their original identities.

An email was sent to a commercial bank in Bangladesh on 11th August 2015. That email came from a man named Russell Aflam. Malware under cover of job applications was attached to this email like the previous ones. Russell Aflam sent emails to twenty five officials of different Bangladeshi banks on the same day.

All these emails with malwares came from the following email addresses  [email protected], [email protected], [email protected], [email protected], [email protected], [email protected],

The result of the forensic inquiry of FBI is also included in the complaint lodged with California District Court. The FBI complaint says that the emails with malwares were opened on at least three computers in Bangladesh Bank. Two computers sent replies to the emails. The sender's email address was saved on another computer.

The hackers got hold of the control of three computers in Bangladesh Bank in March 2015. The hackers got into the SWIFT live system of Bangladesh Bank on 29th January 2016. US Department of State has already pressed formal charges against Park Jin Hyok in connection with this cyber assault.

On the other hand, Bangladesh Bank's Governor Fazle Kabir played much hide and seek game over the FBI report. FBI officer Nathan P. Shields and US Attorney Office filed this allegation with California District Court on 8 June 2018 whereas Bangladesh Bank remained mute on this matter for longer than two months.

Afterwards Bangladesh Bank came under compulsion to talk about the FBI inquiry outcome to journalists following a report published in The Asian Age on 11 September 2018 titled "Hackers identified but BB mum".

It is not yet clear for what reasons Bangladesh Bank wanted to hide the FBI report. Neither did BB Governor Fazle Kabir clarify why he consumed so much time to speak on the US report on BB cyber heist.

A number of incidents in Bangladesh Bank have triggered a great deal of suspicion. Gold from Bangladesh Bank's vault mysteriously turned into cheap metals. Bangladesh Bank and National Board of Revenue (NBR) had exchanged letters with each other for seven months regarding the vaulted gold's quantity but still the issue was not sorted out. Rather it was allowed to get exposed to the whole country embarrassing the government.

NBR Chairman is Bangladesh Bank's board member but still why the central bank's Governor Fazle Kabir did not resolve it earlier has generated doubts in people's minds. Even there are allegations that the gold racket was a preplanned sabotage to create awkward controversy about the government.

Recently a book on Bangladesh Bank's history has sparked widespread hue and cry for not including father of the nation Bangabandhu Sheikh Mujibur Rahman's photographs and role over the establishment of Bangladesh Bank. Rather pictures of Pakistani autocrats Ayub Khan and Monayem Khan are dazzling in that book.

Reliable sources have said that most of the senior officials of Bangladesh Bank including Governor Fazle Kabir and Deputy Governor SM Maniruzzaman are loyal to Jamaat-E-Islami and Bangladesh Nationalist Party (BNP) which is why they have intentionally erased Bangabandhu's pictures and contribution from Bangladesh Bank's history.

It may be recalled that right after the cyber attack on Bangladesh Bank's reserve, Governor Fazle Kabir gladly accepted an inquiry report from BNP leaders in which Prime Minister Sheikh Hasina and her government were blamed for the cyber heist calling it a "digital theft".

Hackers took away 101 million US dollars from Bangladesh Bank's reserve in February 2016. 20 million USD was returned to Bangladesh from Sri Lanka due to a spelling error. Another 15 million USD was recovered from Philippines.

Following the cyber heist in 2016 Finance Minister AMA Muhith blamed the top officials of Bangladesh Bank of that time though it has now been proven that foreign hackers committed this crime. AMA Muhith's reckless comments on the cyber theft deploring Bangladeshi officials have caused complications in the money recovery process.