Bangladesh finds Egypt-linked malware after bank heist

Dhaka: Bangladesh police probing an audacious USD 81 million heist from a central bank account have found suspicious malware in the bank’s computer systems that was sending information to Egypt, an officer said today. Hackers stole the money from the Bangladesh Bank’s account with the Federal Reserve Bank of New York on February 5 and managed to transfer it electronically to accounts in the Philippines.

Investigator Shah Alam said the malware just discovered in the Bangladesh Bank’s main servers had allowed information to be sent to an email address in Egypt for more than seven hours at the time of the theft. “We sought help from our Egyptian counterparts to find out the real person who was using that IP address during that period,” Alam told AFP.

Alam gave no further details, but an investigator said on condition of anonymity that they were seeking clarity on whether the computer in Egypt was being hacked from a third country.

Bangladesh Bank spokesman Subhankar Saha said he was not aware of the presence of any Egyptian-linked malware. The finding has complicated the probe into the heist that has sent shockwaves through the banking world and seen Bangladesh investigators seek help from at least three countries.

The central bank governor and his two deputies lost their jobs following the theft which has hugely embarrassed the government and raised alarm over the security of the country’s foreign exchange reserves of over USD 27 billion.

The unidentified hackers managed to shift USD 81 million from the account to a nondescript bank in Manila and then on to Philippine casinos before the trail went cold. They attempted to steal a further USD 850 million by bombarding the New York bank with dozens of transfer requests, but the bank’s security systems and typing errors in some requests prevented the full theft.

The FBI and Interpol are assisting with the Bangladesh investigation, and some Bangladesh officers are now in the Philippines as part of the probe.