Bangladeshi robbers conceal heist using malware

  • 17/03/2016
Atiur Rahman was sacked as the central bank's governor (Reuters)
Atiur Rahman was sacked as the central bank's governor (Reuters)

By Serajul Quadir

The cyber thieves who stole $81 million from Bangladesh Bank hid their tracks by installing malware that manipulated a central bank printer to hide evidence of the heist, according to a person familiar with the investigation.

Earlier, two central bank officials filed a police report that said that a computer and printer the bank uses to order wire transfers was manipulated so that authorities could not see records of outgoing transfer requests or receipts confirming that they had been received.

Details about the issues with the computer and printer were among the first clues to surface as to how the attack was carried out.

The officials saw the first signs that something was off on February 5, when they noticed a glitch with a printer that is set up to automatically print all wire transfers.

When they realised the previous day's transactions had not been printed, they attempted to manually print them but were unable to do so, according to the report.

One official asked that the printer be repaired before leaving the office that day, but other bank employees later decided to wait until the next day to fix it, according to the report.

When the officials tried to access the computer the bank uses to send wire transfer messages, they got messages saying a file was missing or changed.

They were eventually able to access the messaging system on February 8 and print out messages after obtaining clearance to use other means to access the system from senior bank officials.

When they printed the messages there were three from the New York Fed seeking information about several suspicious transactions, which flagged them to the heist that this week resulted in the sacking of the central bank's governor.