Bangladesh bank heist: How hackers almost stole US$1 billion

Banking on lax checks in huge cyber caper

Ms Maia Santos Deguito testifies during a Senate hearing of money laundering involving the theft of $81 million from the US account of the Bangladesh Bank, at the Philippine Senate in Manila, on March 17, 2016. PHOTO: REUTERS

On May 15 last year, Ms Maia Deguito, manager of an undistinguished branch of the Philippines' sixth- largest bank, met five men at one of Manila's swanky casinos. She knew only one of them: Mr Wong Kam Sin, an ethnic Chinese who had been in the Philippines since he was 10.

At an ongoing congressional probe, Ms Deguito said she met Mr Wong through car trader Jason Go, who had helped her with her career and was a "valued client" of her employer, Rizal Commercial Banking Corp (RCBC).

She said that at a birthday party back in 2014, the bank's president, Mr Lorenzo Tan, himself told her to "take care" of Mr Wong. So she did.


Hackers stalked bank's computer systems

Bangladesh central bank governor Atiur Rahman (above) resigned to take responsibility for the scandal. PHOTO: EPA

DHAKA (BLOOMBERG) • Hackers who stole US$101 million (S$137 million) from Bangladesh's central bank stalked its computer systems for almost two weeks beforehand, according to an interim investigation report seen by Bloomberg.

Prepared for the Bangladesh Bank by cyber security firms FireEye and World Informatix, the assessment offers a tantalising glimpse into how cyber criminals can use the banks' own systems against them.

The cyber companies say the thieves deployed malware on servers housed at the central bank to make payments seem genuine. The report cast the unidentified hackers as a sophisticated group which sought to cover their tracks by deleting computer logs as they went.