Bangladesh Central Bank

A Bangladeshi central bank official’s computer was used by unidentified hackers to make payments via SWIFT, and carry out one of the biggest-ever cyber heists, a Bangladeshi diplomat said on Thursday at the end of a Philippine Senate inquiry.

There were certain indications about who the hackers were, Bangladesh Ambassador John Gomes told a panel looking into how the $81 million in stolen money ended up in the Philippines, citing information shared by the U.S. Federal Bureau of Investigation.

Gomes said the hackers were neither in the Philippines nor in Bangladesh, but he had no other information.

One of our bank officials who is in the group that makes payments, that passes the payment instructions, his computer was hacked

“It was a Friday when the attack happened and the Bangladesh central bank is totally shut down. It was all sealed and no one goes to the bank on that day.”

There was no evidence directly linking anyone in Bangladesh to the February cyber heist, Gomes said.

The hackers sent fraudulent messages, ostensibly from the central bank in Dhaka, on the SWIFT system, to the New York Federal Reserve seeking to transfer nearly $1 billion from Bangladesh Bank’s account there.

Most of the transfers were blocked but about $81 million was sent to a bank in the Philippines. It was moved to casinos and casino agents and much of it is missing.

Ralph Recto, one of the Philippine senators leading the investigation, said in April Chinese hackers were likely to have pulled off the heist, citing a network of Chinese people involved in routing the stolen funds through Manila.