Thursday, January 23, 2025

Unmasking the Bangladesh Bank Reserve Heist: Who are Riaz, Zubair, and Saleheen?

The cyber heist that shook the global financial world in February 2016 remains one of the most significant digital thefts in history. Hackers infiltrated Bangladesh Bank’s systems and successfully transferred $81 million from its account at the Federal Reserve Bank of New York to accounts in the Philippines. Though $18 million was later recovered, a large sum remains missing. The FBI and other international agencies have been working to uncover those behind this sophisticated cyberattack.

The spotlight in the investigation has fallen on several individuals, including Sheikh Riaz Uddin, Zubair, and Saleheen, who are suspected of having played critical roles in facilitating the reserve heist. Who are they, and what were their roles in this elaborate crime?

The Timeline of the Cyber Heist: A Prelude to the Attack

The FBI’s criminal case filed in the California District Court reveals that hackers had been targeting Bangladeshi banks as early as October 2014. Using four key Google accounts—[email protected], [email protected], and two linked addresses ([email protected] and [email protected])—hackers launched spear-phishing attacks.

Between January 24 and 29, 2015, the hackers sent phishing emails from [email protected] to multiple Bangladesh Bank employees, attempting to infiltrate their systems. The emails contained malicious links disguised as job applications. When recipients clicked on these links, they inadvertently downloaded malware that embedded itself within the bank’s network.

This malware lay dormant until early 2016, when it activated to facilitate unauthorized fund transfers through the SWIFT system.

Who are Riaz, Zubair, and Saleheen?

Sheikh Riaz Uddin: The Assistant Director at Bangladesh Bank

Sheikh Riaz Uddin, a key figure in the investigation, was one of eight authorized users of the SWIFT system at Bangladesh Bank. On February 4, 2016, Riaz logged out of the bank’s server at 7:15 PM after initiating 18 legitimate SWIFT messages to the Federal Reserve Bank of New York for fund transfers. However, investigators found that between 8:36 PM and 3:59 AM the next day, someone using Riaz’s credentials sent 35 unauthorized SWIFT messages, requesting the transfer of $951 million.

Riaz’s user credentials were crucial in enabling the hackers to gain access to the SWIFT Live system. His departure from the office at 8:03 PM raised questions about how his login details were used afterward. The forensic investigation revealed that hackers had tampered with the bank’s logs, but some evidence remained, exposing their activity.
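The timeline above (logout at 7:15 PM, departure at 8:03 PM, messages sent from 8:36 PM) points to a detection rule: check each SWIFT submission against the operator's session state and against an independent source such as door-badge records, which still holds if the application log is altered. This is an added example, not code from the investigation or the bank; the log format, event names and `operator_a` are assumptions, and the events are constructed.

```python
from datetime import datetime

# Constructed events (not real logs). Assumed line format:
# <ISO timestamp> <source> <operator> <event> <amount_usd>
# The 20:30 login stands for valid credentials used after the badge exit;
# the 03:59 message has no matching login, as if that record were removed.
SAMPLE_EVENTS = """\
2016-02-04T09:00:00 badge operator_a ENTRY 0
2016-02-04T09:10:00 swift operator_a LOGIN 0
2016-02-04T18:40:00 swift operator_a MSG_SENT 12000000
2016-02-04T19:15:00 swift operator_a LOGOUT 0
2016-02-04T20:03:00 badge operator_a EXIT 0
2016-02-04T20:30:00 swift operator_a LOGIN 0
2016-02-04T20:36:00 swift operator_a MSG_SENT 20000000
2016-02-05T02:00:00 swift operator_a LOGOUT 0
2016-02-05T03:59:00 swift operator_a MSG_SENT 30000000
"""

def parse_events(text):
    """Parse log lines into time-ordered (time, source, operator, event, amount)."""
    rows = [line.split() for line in text.splitlines() if line.strip()]
    events = [(datetime.fromisoformat(ts), src, op, ev, int(amt)) for ts, src, op, ev, amt in rows]
    return sorted(events, key=lambda e: e[0])

def find_suspect_messages(events):
    """Flag messages sent with no open session or while the operator is off site."""
    logged_in, on_site, alerts = set(), set(), []
    for ts, source, operator, event, amount in events:
        if source == "badge":
            if event == "ENTRY":
                on_site.add(operator)
            else:
                on_site.discard(operator)
        elif event == "LOGIN":
            logged_in.add(operator)
        elif event == "LOGOUT":
            logged_in.discard(operator)
        elif event == "MSG_SENT":
            reasons = []
            if operator not in logged_in:
                reasons.append("no_open_session")
            if operator not in on_site:  # independent of the SWIFT server's own log
                reasons.append("operator_off_site")
            if reasons:
                alerts.append((ts.isoformat(), operator, amount, reasons))
    return alerts

if __name__ == "__main__":
    print(*find_suspect_messages(parse_events(SAMPLE_EVENTS)), sep="\n")
```

The 18:40 message passes both checks. The 20:36 message has a valid session and is caught only by the badge correlation, which is why the second data source matters.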

Zubair and Saleheen: The Mystery Operatives

The involvement of Zubair and Saleheen in the heist remains under scrutiny. While little public information is available about their specific roles, they are believed to have assisted in the operational aspects of the cyberattack. Their alleged tasks may have included managing the malware, facilitating communications with international hacking groups, and coordinating the money laundering efforts through the Rizal Commercial Banking Corporation (RCBC) in the Philippines.

The Spear-Phishing Tactic: A Key Entry Point

The cyberattack relied heavily on spear-phishing emails to penetrate Bangladesh Bank’s network. The hackers sent job application emails containing links to Resume.zip files, which, once downloaded, installed malware on the bank’s computers. Between March 2015 and January 2016, the malware infiltrated the bank’s internal systems, eventually targeting the SWIFT messaging system.

The malware was capable of transferring documents and creating .zip archives within the network, ensuring that sensitive information reached the hackers.

How the Hackers Manipulated the SWIFT System

The SWIFT Alliance Access system at Bangladesh Bank was the primary target. This system manages international financial transactions and is essential for secure communications between banks. The hackers’ malware allowed them to bypass security protocols and issue fraudulent SWIFT messages.

Interestingly, despite the Federal Reserve Bank’s initial suspicion of some payment instructions, five fraudulent transactions worth $81 million were processed and sent to the RCBC in the Philippines. The funds were then funneled through casinos and junket operators, making recovery efforts difficult.

The Role of Former Bangladesh Bank Governor Dr. Atiur Rahman

The investigation report highlighted that Dr. Atiur Rahman, the then-governor of Bangladesh Bank, chose to keep the cyber heist a secret for 244 days. Despite receiving pleas from subordinate officers to file a General Diary (GD) with the police, Rahman reportedly declined, citing concerns about potential harassment of bank employees.

When the news of the heist broke on February 29, 2016, through the Manila-based newspaper The Inquirer, it shocked the nation. The delay in reporting the incident to law enforcement and the government raised serious questions about accountability.

What Happened to the Stolen Funds?

Of the $81 million stolen, only $18 million has been recovered so far. The remaining funds disappeared into the Philippines’ casino industry, which, at the time, had weak anti-money laundering regulations. The investigation into the heist has led to several arrests and charges, but the masterminds remain at large.

The RCBC branch manager, Maia Deguito, was sentenced to prison for her role in facilitating the transfer of stolen funds. However, no major recovery of the remaining money has been achieved.

The Aftermath: Investigations and Recommendations

A 61-page report by a high-level investigation committee, led by former governor Dr. Mohammad Farashuddin, detailed the entire incident and recommended criminal charges against several Bangladesh Bank officials. The report also suggested measures to prevent future cyber heists, such as:

  • Strengthening cybersecurity protocols.
  • Enhancing SWIFT system security.
  • Increasing awareness among bank employees about spear-phishing tactics.

Despite these recommendations, the full report was never made public. The Anti-Corruption Commission (ACC) recently announced renewed efforts to investigate the reserve heist and recover the stolen funds.

Lessons Learned and the Way Forward

The Bangladesh Bank reserve heist exposed vulnerabilities in the country’s financial systems and highlighted the global threat of cybercrime. The case underscores the importance of:

  1. Enhanced cybersecurity measures: Banks must prioritize security to prevent future cyberattacks.
  2. Transparency in investigations: Keeping the public informed builds trust and ensures accountability.
  3. International cooperation: Cybercrimes often involve multiple jurisdictions, necessitating cross-border collaboration.

As the investigation continues, the focus remains on recovering the stolen funds and bringing the perpetrators to justice. Sheikh Riaz Uddin, Zubair, and Saleheen remain central figures in this case, and their roles in one of the world’s largest cyber heists will likely be scrutinized for years to come.

In conclusion, the Bangladesh Bank reserve heist serves as a cautionary tale for financial institutions worldwide. It reveals the dangers of inadequate cybersecurity measures and the sophistication of modern cybercriminals. As investigations continue, the world watches to see whether the stolen millions can be recovered and whether justice will be served.

