A team sent by Bangladesh Bank arrived in Manila to move part of 81 million USD stolen from it in a heist back to its account at the New York Federal Reserve.
According to Reuters, casino boss Kim Wong surrendered 4.63 million USD and 488.28 million pesos (10.05 million USD) to authorities after a Philippines court ruled that Bangladesh Bank is the rightful owner of the money.
Wong obtained the money from two Chinese high-rollers but has denied taking any part in the heist against Bangladesh Bank.
Philippine authorities have counted the money in the presence of John Gomes, Bangladesh’s ambassador to the Philippines, and they have moved the money to the vaults of the island nation’s central bank. All that remains is for Bangladesh Bank to move the money back to the New York Federal Reserve.
Gomes says a team from the bank arrived on 7 November to complete that final step. As quoted by Reuters:
“The writ of execution that the money be handed back to Bangladesh has already been done by the court. The good thing is now that the process on this $15 million is more or less completed, we will go for the rest.”
By no means is the work of Bangladesh Bank over, however. It’s still missing an additional 66 million USD that attackers stole back in February.
During the heist, attackers used malware linked to the 2014 Sony Pictures Entertainment hack to slightly alter Bangladesh Bank’s Access Alliance, a software package made by the Society for Worldwide Interbank Financial Telecommunications (SWIFT). That change ultimately allowed the attackers to make fraudulent money orders totaling approximately one billion USD. Only four requests totaling 81 million USD made it through, and they all went to the Philippines.
To protect against attacks such as these, financial organizations should invest in security solutions that can help detect malicious software and unauthorized file changes.
They should also internalize these five lessons we can learn from the Bangladesh Bank heist.