Photo via subcircle/Flickr

Hackers steal $81 million from bank thanks to crappy $10 routers

Someone's having a bad day.

Feb 29, 2020, 8:17 am*

Tech

Patrick Howell O'Neill 

Patrick Howell O'Neill

You should never blame the victim—but sometimes, it’s hard not to point a finger in their general direction.

An $81 million bank heist, perpetrated by hacking into the networks of Bangladesh’s central bank, was made easier because the bank used second-hand $10 routers to connect to global financial networks and neglected to use a firewall for security, Reuters reports.

The hackers tried to take nearly $1 billion from Bangladesh Bank in February 2016 but succeeded in taking only a fraction of that amount due to mistakes made.

A firewall would have made the heist “difficult,” Mohammad Shah Alam, a forensic investigator on the Bangladeshi investigative team, told Reuters. The cheap routers, then, hamstrung the investigation because they collected so little network data.

A more capable router could have cost hundreds of dollars.

When hackers gained access to Bangladesh Bank’s network, they transferred cash from Bangladesh’s account at the Federal Reserve Bank of New York. Some $100 million was traced to Sri Lanka and the Philippines. Over $20 million was recovered, but $81 million remains out of hand.

What finally stopped the thieves from getting away with the full billion-dollar haul was a spelling mistake on the fraudulent transfer orders that flagged the heist for the bank staff that was, until then, completely ignorant of the mass siphoning of cash going on under their noses and through their network.

No one involved in the heist has been accused, identified, or caught.

H/T Reuters

Share this article
*First Published: Apr 22, 2016, 10:54 am