Few hackers almost stole $1 billion from a bank. They were stopped because of a simple typo

A simple spelling mistake in an online bank transfer instruction prevented a billion-dollar heist. Back in 2016, the central bank of Bangladesh was hit by a cyber attack that directly impacted the New York Federal Reserve. While a series of lucky coincidences saved the banks hundreds of millions of dollars, the hackers did manage to steal $80 million, in one of the most daring bank heists in history, as per Reuters. 

Attack on Titan

In February 2016, Zubair Bin Huda, a director at Bangladesh’s central bank, realized that the bank's software 'Swift' had crashed. According to a detailed report from the New York Times,  the Brussels-based electronic network which was used by 11,000 financial institutions in over 200, was primarily used to dispatch the payment orders and manage communication. 

When Huda finally got the software to run, he found that an employee of The New York Fed had written to the bank asking for clarification about 46 payment instructions received over the past 24 hours. The transactions totaled nearly $1 billion. It was highly unusual as the bank never made such large payment orders before, especially over a weekend.

Upon looking further, the bank officials learned that they had been under a cyber attack and the Swift system was compromised. This was shocking as the Swift was considered a titan and an unbreachable software. Hackers issued over three dozen payment orders for bank accounts and institutions located across Sri Lanka, the Philippines, and more. 

However, out of the 46 payment requests, only 5 went through. Transactions worth over $850 million were held up after spelling and naming errors were found in some of the payment orders.

A bad keystroke of good luck 

While five transactions were worth about $80 million, one payment order worth a $20 million deposit for the Shalika Foundation, an agricultural NGO in Sri Lanka didn't clear. This was primarily due to a spelling error made in the word 'foundation'. The hackers accidentally misspelled the word as "fandation" which was noticed by the Deutsche Bank which had a financial relationship with the bank in Sri Lanka. The bank sought clarification from the Central Bank of Bangladesh, halting the payment, as per Reuters. 

The next series of payments totaling about $850 to $870 million were stopped by another coincidence. The payments were for individual accounts at the Jupiter branch of Rizal Commercial Banking Corporation near Manila. They didn’t clear as the automated system flagged the word “Jupiter,” which matched the name of a totally different business that was blacklisted for circumventing sanctions against Iran, per The Times report. Thus, these two lucky coincidences prevented the bank from losing nearly $900 million more. 

Who attempted the biggest bank heist in history?

While nothing much has been shared in the media about the perpetrators of the heist, The Times reported that Bangladesh Bank hired a US cybersecurity firm FireEye, to investigate the matter. The firm reportedly signed a nondisclosure agreement with the bank but some details of their investigation leaked. 

The attack had similarities to previous cyber attacks like the 2014, Sony Pictures hack, “Dark Seoul,” a March 2013 hack that targeted three South Korean banks, and the WannaCry ransomware attack in May 2017.  All of these attacks bore the markings of the "Lazarus Group", a shady organization that U.S. intelligence experts claim to be affiliated with North Korea.