The Far Eastern International Bank in Taiwan revealed that it was hacked on Friday (October 6). The Bank said that its computer system had been implanted with malware.
The malware affected some of the bank’s PCs and servers as well as the Society for Worldwide Interbank Financial Telecommunication (SWIFT) network.
What is SWIFT? – it is a members-only organization which provides safe and secure financial transactions for its members via a standardized proprietary communications platform that can facilitate the transmission of information about financial transactions. Read more
Hackers used a malware to conduct virtual transactions to move funds up to around US$60 million from the bank’s client accounts to foreign destinations.
The destinations include;
- The United States of America
- Sri Lanka
Wait…, Sri Lanka?
Yes, and the Criminal Investigations Department has already arrested an individual on ‘international money laundering’.
The CID launched an investigation into US$ 1.1 million being allegedly credited to a private account under the name of J.C. Nammuni from Far Eastern International Bank.
According to a senior official, the account owner had withdrawn Rs. 30 million on October 4, 2017.
J.C. Nammuni returned again on Friday to withdraw Rs. 8 million. He was arrested when he arrived at the Bank of Ceylon Head Office Branch to make the withdrawal.
Nammuni was then produced in court and was remanded until Wednesday (October 11).
Following are the submissions made to court by CID on several crimes;
- Money laundering
- Cyber crimes
- Illegal hacking.
According to a CID senior official, investigations are underway into bank’s CCTV footage to identify another individual who was accompanied by J.C. Nammuni.
The suspect is currently in hiding, said a senior CID officer, noting that he is a head of a state owned enterprise.
Immigration and Emigration authorities have been informed to prevent the suspect from leaving the country.
Investigators also reported to court that they had discovered a sum of Rs. 4 million at the office of J.C. Nammuni.
His account has been frozen in line with a court order.
A team of investigators from Taiwan have made a request to travel to Sri Lanka in the coming days.
There was a similar incident reported in February 2016.
An attempt to steal around US$1 Billion from a Bangladeshi account at the New York Federal Reserve Bank.
Twenty million of this amount had been credited to the account of Shalika Foundation in a Sri Lankan bank.
How does this happen?
Hackers infiltrate the SWIFT system to falsify bank to bank transactions by sending an e-mail to a selected bank employee.
When the employee opens the e-mail, which has the malware encoded in it, infiltrates the SWIFT system.
This allows the hackers to enter the system and issue orders for bank to bank transactions.
While some of the orders are rejected, many are approved allowing the hackers to transfer funds into accounts of their choosing.
The hackers are also able to swiftly erase warning messages that are issued through the system.
However, when funds were transferred to the account of the Shalika Foundation during the Bangladesh Central Bank scam, Deutsche Bank officials flagged mistakes in the account name, unraveling the fraud.
Full details are available from the link below:
Source URL: Travel - Google News