Billions in loot for North Korea: how a tiny detail foiled the biggest bank robbery of all time

They are considered the most successful bank robbers in the world: North Korea’s hacker group Lazarus is as ruthless as it is notorious, and it almost made off with billions in loot in a single robbery. But the perfect plan failed because of a small coincidence.

North Korea’s hackers have been known to the world at least since they took over the entire network of the film giant Sony Pictures. At that time it was still a matter of principle: because dictator Kim Jong-un did not come off well in the comedy “The Interview”, unreleased films, including some starring Brad Pitt, were put online. Since then, the hackers have become the country’s main source of income. A report now shows how this came about, and how a tiny detail caused the greatest bank robbery of all time to fail.

It began with a broken printer at the Bank of Bangladesh, reports the “BBC”. When it suddenly failed on a Friday in February 2016, the employees initially gave it little thought. “We thought it was one of those problems that we have every day,” manager Zubair Bin Huda later told the police. By then he knew what he had not suspected at the time: that the defective printer had been part of the greatest attempted robbery of all time.

A robbery worth billions

While the printer was out of action, the hackers transferred almost all of the Bank of Bangladesh’s cash reserves to an account at the Federal Reserve Bank in New York, known as the Fed for short, in 35 transactions. $951 million was supposed to change hands. To do this, the attackers successfully posed within the bank’s systems as employees making normal transfers.

The printer plays a central role in this: the device, which is located in a high-security room of the central bank of Bangladesh, prints out the paper records for transfers worth millions. That is exactly what did not happen while the accounts were being plundered in the background. When the printer was discovered to be defective that Friday morning, the attack had long been underway. The timing was cleverly chosen: when the hackers began to clear the bank’s accounts on Thursday evening, it was still morning in New York, so the bank there had plenty of time to carry out the orders, while urgent queries to Bangladesh went unanswered because of the time difference.

Discovery delayed

But the hackers had planned even more cleverly: when the defective printer was discovered on Friday, the weekend had already started in Muslim Bangladesh. When the bank’s printer was repaired on Saturday, the puzzled queries from the USA suddenly came pouring out. Answering them, however, was again not possible, because New York had by then gone into the weekend. “That was the great elegance of the attack,” explains security expert Rakesh Asthana to the “BBC”. “You could delay the discovery by three days.” Once cleared from the account, the money was to be moved into accounts in the Philippine capital Manila. The Chinese New Year began there on the Monday after the attack – a national holiday.

The rest of the hack was planned with a similar level of attention to detail. More than a year earlier, a malicious email had given the attackers their first access to the bank, the FBI later found out. Gradually, they expanded their access to the network and took control. Then they began to take care of the important part: getting the money out. Using forged IDs, they opened four accounts at a bank on Jupiter Street in Manila, and waited for the perfect moment.

Failed by chance

The big raid failed because of an unbelievable coincidence: “The transactions were stopped by the Fed because they contained the word Jupiter,” said US politician Carolyn Maloney. The unforeseeable reason: a ship of the sanctioned Iranian regime bears the same name as the street where the apparently randomly chosen bank is located. The ship’s name interrupted the automated transfer, a manual check was ordered, and the huge robbery came to light.

The hackers were not entirely unsuccessful: $101 million had already been transferred when the alarm bells began to ring. Of this, however, 20 million was reversed because the recipient’s name was misspelled. A few years ago, this was incorrectly reported as the reason the entire heist was stopped. In the end, the Lazarus hackers were able to make off with $81 million.

So far this has had no consequences for them. A North Korean citizen was accused of being the mastermind behind the attack, but because he is in his home country, he does not have to fear extradition. And Kim Jong-un is likely to continue pouring money into the state coffers.