It helps to know how to spell when you try to rob a billion from a dirt poor country. A spelling mistake thwarted hackers in stealing a $1 billion dollars from the Bangladesh Bank, and that typo prompted FED NY authorities to check with a routing bank (Deutche Bank) if the transfer was legit.
The hackers initiated a series of money transfer requests after stealing credentials the Bangladesh bank uses to authorize electronic money transfers. They used the stolen creds to send more than 30 money transfer requests to the Federal Reserve Bank of New York, asking them to transfer the funds from the Bangladesh Bank’s account to organizations in the Philippines and Sri Lanka. One of these organizations was called the Shalika Foundation, but the crims misspelled the word “foundation” as “fandation” in the wire transfer, and that was the one that raised the red flags.
However, they had already correctly spelled the recipients in three earlier transfer requests before fat-fingering the name. Those wires allowed them to steal $80 million before the typo in the fourth transfer put a halt to the cyberheist. Bangladesh Bank has said it has recovered some of the money that was stolen, and is working with anti-money laundering authorities in the Philippines to try to recover the rest.
Initially, the central bank was not sure if its system had been breached, but FireEye's Mandiant forensics experts brought in to investigate found hacker footprints that suggested the system had been compromised, the officials said.
The Mandiant team could also tell that the attack originated from outside Bangladesh, adding the bank is looking into how they got into the system and an internal investigation is ongoing.
Let me make an educated guess: since they came from outside the country, an employee fell for a phishing attack. What do you think?