Bangladesh Bank heist was ‘state-sponsored’: U.S. official

Lamont Siller, the legal attache at the U.S. embassy in the Philippines speaks during a cyber security forum in Manila, Philippines March 29, 2017. REUTERS/Karen Lema

MANILA (Reuters) – The heist of $81 million from the Bangladesh central bank’s account at the New York Federal Reserve last year was “state-sponsored,” an FBI officer in the Philippines, who has been involved in the investigations, said on Wednesday.

Lamont Siller, the legal attache at the U.S. embassy, did not elaborate but his comments in a speech in Manila are a strong signal that authorities in the United States are close to naming who carried out one of the world’s biggest cyber heists.

Last week, officials in Washington, speaking on condition of anonymity, blamed North Korea.

“We all know the Bangladesh Bank heist, this is just one example of a state-sponsored attack that was done on the banking sector,” Siller told a cyber security forum.

An official briefed on the probe told Reuters in Washington last week that the FBI believes North Korea was responsible for the heist. The official did not give details.

The Wall Street Journal reported U.S. prosecutors were building potential cases that would accuse North Korea of directing the heist, and would charge alleged Chinese middlemen.

The FBI has been leading an international investigation into the February 2016 heist, in which hackers breached Bangladesh Bank’s systems and used the SWIFT messaging network to order the transfer of nearly $1 billion from its account at the New York Fed.

The U.S. central bank rejected most of the requests but filled some of them, resulting in $81 million being transferred to bank accounts in the Philippines. The money was quickly withdrawn and later disappeared in the huge casino industry in the country.

There have been no arrests in the case.

A Chinese casino owner in the Philippines told that Senate inquiry he took millions of dollars from two Chinese high-rollers in February. He said the two men were responsible for transferring the stolen money from Dhaka to Manila.

Philippine investigators have filed criminal charges against several individuals and a remittance company for money laundering in connection with the heist at the country’s Department of Justice (DOJ).

None of these cases have yet been filed in court, however.

Siller said the FBI was working closely with the Philippines government “to ensure those responsible for the attack do not go unpunished.”

“So for us in the FBI, it is never over. We are going to bring these individuals to justice so that we can show others, that you maybe be able to muster such attacks, even state-sponsored, but you will not get away with it in the end.”

(Reporting by Karen Lema; Editing by Raju Gopalakrishnan)

U.S. may accuse North Korea in Bangladesh cyber heist: WSJ

Federal Reserve and New York City Police officers stand guard in front of the New York Federal Reserve Building in New York, October 17, 2012. REUTERS/Keith Bedford/File Photo

NEW YORK (Reuters) – U.S. prosecutors are building potential cases that would accuse North Korea of directing the theft of $81 million from Bangladesh Bank’s account at the Federal Reserve Bank of New York last year, and that would charge alleged Chinese middlemen, the Wall Street Journal reported on Wednesday.

The U.S. Federal Bureau of Investigation believes that North Korea is responsible for the heist, an official briefed on the probe told Reuters. Richard Ledgett, deputy director of the U.S. National Security Agency, publicly suggested on Tuesday that North Korea may be linked to the incident, while private firms have long pointed the finger at the reclusive state.

The Journal, citing people familiar with the matter, reported that prosecutors believe Chinese middlemen helped North Korea orchestrate the theft from Bangladesh’s central bank, which was among the biggest bank robberies in modern times.

The current cases being pursued may not include charges against North Korean officials, but would likely implicate the country, the newspaper reported, with the United States accusing a foreign government of orchestrating the heist.

A U.S. Department of Justice spokesman declined to comment.

FBI offices in Los Angeles and New York have been leading an international investigation into the February 2016 incident, in which hackers breached Bangladesh Bank’s systems and used the SWIFT messaging network to request nearly $1 billion from its account at the New York Fed.

The branch of the U.S. central bank rejected most of the requests but filled some of them, resulting in $81 million disappearing into casinos and other entities in the Philippines. A top police investigator in Dhaka told Reuters in December that some Bangladesh Bank officials deliberately exposed its computer systems, enabling the hackers to get in.

The incident exposed bungling and miscommunication between central banks, and left the Fed, Bangladesh, SWIFT, and the Philippine lender that initially received the funds trading blame for months.

SWIFT – or the Society for Worldwide Interbank Financial Telecommunication that serves as the backbone of global finance – has since revealed that its messaging system has been targeted in a “meaningful” number of other attacks last year using a similar approach as in the Bangladesh incident.

Last week, SWIFT said it planned to cut off the remaining North Korean banks still connected to its system as concerns about the country’s nuclear program and missile tests grow.

The Journal reported that federal investigators are focusing on Chinese individuals or businesses who allegedly helped North Korea orchestrate the heist, and that the U.S. Treasury is considering sanctions against these alleged middlemen.

The New York Fed and SWIFT declined to comment.

(Reporting by Jonathan Spicer and Joseph Menn; Editing by Jonathan Oatis and James Dalgleish)

Trail in cyber heist suggests hackers were Chinese: senator

Bangladesh central bank

By Karen Lema

MANILA (Reuters) – A Philippine senator said on Wednesday that Chinese hackers were likely to have pulled off one of the world’s biggest cyber heists at the Bangladesh central bank, citing the network of Chinese people involved in the routing of the stolen funds through Manila.

Unidentified hackers infiltrated the computers at Bangladesh Bank in early February and tried to transfer a total of $951 million from its account at the Federal Reserve Bank of New York.

All but one of the 35 attempted transfers were to the Rizal Commercial Banking Corp (RCBC), confirming the Philippines’ centrality to the heist.

Most transfers were blocked, but a total of $81 million went to four accounts at a single RCBC branch in Manila. The stolen money was swiftly transferred to a foreign exchange broker and distributed to casinos and gambling agents in Manila.

“The hacking was done, chances are, by Chinese hackers,” Senator Ralph Recto told Reuters in a telephone interview. “Then they saw that, in the Philippines, RCBC particularly was vulnerable and sent the money over here.”

Beijing was quick to denounce the comments by Recto, vice chairman of the Senate Committee on Finance and a former head of the Philippines’ economic planning agency.

The suggestion that Chinese hackers were possibly involved was “complete nonsense” and “really irresponsible,” Chinese foreign ministry spokesman Lu Kang told reporters.

Recto said he couldn’t prove the hackers were Chinese, but was merely “connecting the dots” after a series of Senate hearings into the scandal.

At one hearing, a Chinese casino boss and junket operator called Kim Wong named two high-rolling gamblers from Beijing and Macau who he said had brought the stolen money into the Philippines. He displayed purported copies of their passports, showing they were mainland Chinese and Macau administrative region nationals respectively.

“BEST LEAD”

Wong, a native of Hong Kong who holds a Chinese passport, received almost $35 million of the stolen funds through his company and a foreign exchange broker.

The two Chinese named by Wong “are the best lead to determine who are the hackers,” said Recto. “Chances are… they must be Chinese.”

The whereabouts of the two high-rollers were unknown, Recto added, saying the Senate inquiry “may” seek help from the Chinese government to find them.

Recto also questioned the role of casino junket operators in the Philippines, saying many of them have links in Macau, the southern Chinese territory that is the world’s biggest casino hub. “There are junket operators who are from Macau, so it (the money) may find its way back to Macau,” he said.

A senior executive at a top junket operator in Macau told Reuters there was “no reason” to bring funds from the Philippines to Macau.

“This seems more like a political story in the Philippines,” he said, speaking anonymously because he was not authorized to talk to the media.

The U.S. State Department said in a report last month that the gaming industry was “a weak link” in the Philippines’ anti-money laundering regime.

Philrem, the foreign exchange agent, said it distributed the stolen $81 million to Bloomberry Resorts Corp, which owns and operates the upmarket Solaire casino in Manila; to Eastern Hawaii Leisure Company, which is owned by Wong; and to an ethnic Chinese man believed to be a junket operator in Manila.

Wong has returned $5.5 million to the Philippines’ anti-money laundering agency and has promised to hand over another $9.7 million. A portion of the money he received, he said, has already been spent on gambling chips for clients.

Solaire has told the Senate hearing that the $29 million that ended up with them was credited to an account of the Macau-based high-roller but it has managed to seize and confiscate $2.33 million in chips and cash.

(Writing by Andrew R.C. Marshall; Additional reporting by Farah Master in Hong Kong; Editing by Raju Gopalakrishnan)