The Incredible Story Of How Hackers Stole $100 Million From The New York Fed

Tyler Durden's picture

The story of the theft of $100 million from the Bangladesh central bank - by way of the New York Federal Reserve - is getting more fascinating by the day.

As we reported previously, on February 5, Bill Dudley's New York Fed was allegedly “penetrated” when “hackers” (of supposed Chinese origin) stole $100 million from accounts belonging to the Bangladesh central bank. The money was then channeled to the Philippines where it was sold on the black market and funneled to “local casinos” (to quote AFP). After the casino laundering, it was sent back to the same black market FX broker who promptly moved it to “overseas accounts within days.”

That was the fund flow in a nutshell.

As we explained, the whole situation was quite embarrassing for the NY Fed, because what happened is that someone in the Philippines requested $100 million through SWIFT from Bangladesh's FX reserves, and the Fed complied, without any alarm bells going off at the NY Fed's middle or back office.

"Some 250 central banks, governments, and other institutions have foreign accounts at the New York Fed, which is near the centre of the global financial system," Reuters notes. "The accounts hold mostly U.S. Treasuries and agency debt, and requests for funds arrive and are authenticated by a so-called SWIFT network that connects banks."

Well, as it turns out, Bangladesh doesn't agree that the Fed isn't ultimately culpable. "We kept money with the Federal Reserve Bank and irregularities must be with the people who handle the funds there," Finance Minister Abul Maal Abdul Muhith said on Wednesday. “It can’t be that they don’t have any responsibility," he said, incredulous.

Actually, Muhith, the New York Fed under former Goldmanite Bill Dudley taking zero responsibility for enabling domestic and global crime is precisely what it excels at.


Commuters pass by the front of the Bangladesh central bank building in Dhaka March 8, 2016.

* * *

But what really happened?

As it turns out there is much more to the story, and as Bloomberg reports today now that this incredible story is finally making the mainstream, there is everything from casinos, to money laundering and ultimately a scheme to steal $1 billion from the Bangladeshi central bank.  In fact, the story is shaping up to be "one of the biggest documented cases of potential money laundering in the Philippines. It risks setting back the Southeast Asian nation’s efforts to stamp out the use of the country to clean cash, and tarnishing the legacy of President Benigno Aquino as elections loom in May."

And yes, it does appear that hackers managed to bypass the Fed's firewall:

“Even as banks continue to harden their defenses against such sabotage, hackers too have upped their game to breach servers by utilizing both technical skills and rogue elements within the financial institutions,” said Sameer Patil, an associate fellow at Gateway House in Mumbai who specializes in terrorism and national security.

* * *

The story begins in Bangladesh, a country of about 170 million people that’s recently found itself with record foreign reserves thanks to a low wage-fueled export boom and inward remittances. Some of those reserves were held in an account at the Federal Reserve Bank of New York.

Finance Minister Abul Maal Abdul Muhith this week accused the Fed of “irregularities” that led to the unauthorized transfer of $100 million from the account. The Bangladesh central bank said the funds had been stolen by hackers and that some had been traced to the Philippines.

As reported previously, a Bangladesh central bank official who is part of a panel investigating the disappearance of the funds said Wednesday that a separate transfer of $870 million had been blocked by the Fed, something the Fed refused to comment on. It does not, however, explain why $100 million was released.

Essentially the dispute is about whether the Fed went through the right procedure when it received transfer orders.

Naturally, the Fed's story is that it did nothing wrong. Bloomberg writes that according to a Fed spokeswoman, instructions to make the payments from the central bank’s account followed protocol and were authenticated by the SWIFT codes system. There were no signs the Fed’s systems were hacked, she said.

The problem is that the counterparty on the other side of the SWIFT order was not who the Fed thought, and what should have set off red lights is that the recipients was not the government of the Philippines but three casinos!

On the other hand, Bangladesh is quite - understandably - furious: a local official said the Fed should’ve checked the payment orders with the central bank to ensure they were authentic, even if they used the correct SWIFT codes. The official also said there are plans to take legal action against the Fed to retrieve missing funds.

Aquino spokesman Sonny Coloma said he had no information on reports that funds from the Bangladesh central bank reached the Philippines. The case is being handled by the AMLC, an independent body, Coloma said. Bangko Sentral ng Pilipinas Governor Amando Tetangco, who heads the AMLC, did not reply to mobile-phone messages seeking comment.

If at this point flashing light bulbs are going off above the heads of some of our more industrious readers, we can understand why: after all if a fake SWIFT money order is all it takes to have the Fed send you $100 million dollars then...

* * *

Separately, a Reuters report digs into the details of the SWIFT wire requests: it notes that the hackers breached Bangladesh Bank's systems and stole its credentials for payment transfers, two senior officials at the bank said. They then bombarded the Federal Reserve Bank of New York with nearly three dozen requests to move money from the Bangladesh Bank's account there to entities in the Philippines and Sri Lanka, entities which as will be revealed shortly were... casinos.

Four requests to transfer a total of about $81 million to the Philippines went through, but a fifth, for $20 million, to a Sri Lankan non-profit organization was held up because the hackers misspelled the name of the NGO, Shalika Foundation.

Hackers misspelled "foundation" in the NGO's name as "fandation", prompting a routing bank, Deutsche Bank, to seek clarification from the Bangladesh central bank, which stopped the transaction, one of the officials said.

There is no NGO under the name of Shalika Foundation in the list of registered Sri Lankan non-profits. Reuters could not immediately find contact information for the organization.

Luckily, the Fed stopped some of the $1 billion in total requested funds. The unusually high number of payment instructions and the transfer requests to private entities - as opposed to other banks - raised suspicions at the Fed, which also alerted the Bangladeshis, the officials said. The details of how the hacking came to light and was stopped before it did more damage have not been previously reported. Bangladesh Bank has billions of dollars in a current account with the Fed, which it uses for international settlements.

The transactions that were stopped totaled $850-$870 million, one of the officials said. At least$80 million made it through without a glitch.

* * *

Meanwhile, back in the Philippines, the gaming regulator said it is investigating reports that as much as $100 million in suspicious funds were remitted to the bank accounts of three casinos it didn’t identify.

The Philippine Daily Inquirer has led reporting on the theft. It wrote last month that cash may have entered the Philippines via the Jupiter Street, Makati City, branch of Rizal Commercial Banking Corp. The money was converted into pesos and deposited in the account of an unidentified Chinese-Filipino businessman who runs a business flying high net worth gamblers to the Philippines.

The funds were used to buy casino chips or pay for losses at venues including Bloomberry Resorts Corp.’s Solaire Resort & Casino and Melco Crown Philippines Resort Corp.’s City of Dreams Manila, according to the paper. There was no suggestion in the report the banks or casinos named were complicit with any improper movement of funds.

In other words, the Fed was funding gamblers, only these were located in Philippine casinos, not in the financial district. Ironically, that's precisely what the Fed does, only it normally operates with gamblers operating out of Manhattan's financial district.

Bloomberry Resorts investor relations director Leo Venezuela and City of Dreams Manila Vice President Charisse Chuidian didn’t reply to calls and phone messages.

And then, once the "gamblers" were done having their fun laundering freshly received Fed money, they moved the cash offshore: funds were later dispatched into accounts outside the Philippines, the paper said, including to Hong Kong. The Hong Kong Monetary Authority declined to comment, as did the Hong Kong police. The Inquirer separately reported the head of the Rizal branch where the transactions occurred had made a statement that top bank officials were aware of the transactions “at every stage."

Were the banks in on this unprecedented theft? Probably, although it will be nearly impossible to prove.

Rizal’s shareholders “are fully committed to comply with all banking laws and regulations, in particular those on money laundering,” Vice Chairman Cesar E.A. Virata said in a statement Wednesday. In a separate statement, the bank’s Chief Executive Officer Lorenzo Tan condemned “any insinuations that the top management of the bank knew of and tolerated alleged money laundering activities in one branch.”

* * *

The exact amount stolen from Bangladesh is still not exactly clear, as is what happens next in the dispute with the Fed.

While Muhith said the Fed was responsible for at least $100 million, another Bangladeshi central bank official who asked not to be identified said $20 million of a $101 million total had been recovered from an account held in Sri Lanka, leaving $81 million unaccounted for. That figure matches the amount Rizal’s Virata said the bank was investigating.

What we would like to know, is whether this is merely the Fed's way of testing its level of preparedness for the moment it has to wire helicopter money around the globe, in lieu of using drone delivery of cash, especially if cash has been banned previously as so many "famous economists" demand, clearly unaware that cash has to be present when in the last ditch step to boost inflation, the Fed has no choice but to hand out physical money to every willing recipient.

For a few lucky recipients in the Philippines, it already worked out.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
Pew Pew Pew's picture

There is absolutely ZERO accountability in the Federal Reserve System.

Where are the NY Fed's servers located?  Janet Yellen's basement?

Stuck on Zero's picture

Holy sh**t. If I want $5K from my bank they call in the manager.

813kml's picture

Waving a gun will do that.

NidStyles's picture

Things that have no value are free for the taking....

Boris Alatovkrap's picture

Federal Reserve is lose $100M from hacker while steal $5T from citizenry. Is very good ROI, no?

macholatte's picture

The whole thing is illusory. 

Why would a CB have “money” on deposit with another CB?  There is nothing physical to store. It’s just electronic credits which could be stored by a clerk on a thumb drive stuck up his ass.

pods's picture

So the CB of Bangladesh was paid a visit by the Ether Bunny?

They only found out afterwords how bad they were fucked.


DownWithYogaPants's picture

Of course the Federal Reserve's server is not in the basement.  It's in the shitter like Shrillary Clintons.    

Where do you think serves out of by the way?

Au_Ag_CuPbCu's picture

"Where are the NY Fed's servers located?  Janet Yellen's basement?"  Close, but no cigar...they're in Hitlery's basement.

Boris Alatovkrap's picture

What better place than basement for debasement!

(Are you see what clever word play Boris is making?)

CrazyCooter's picture

What, no SAR? I will try this the next time they fill one of those fucking things out on me ... its for my casino in the Phillipines! ... oh, no worries then sir, here is your cash!



cheka's picture

"Some 250 central banks, governments, and other institutions have foreign accounts at the New York Fed, which is near the centre of the global financial system," Reuters notes


currency wars?  lmao!  it's one giant squid

SWRichmond's picture

All your motherfucking base are belong to us, bitches.

Mister Ponzi's picture

The Fed is funding gamblers? What's the news?

BuddyEffed's picture

Is Erdogan somehow a part of this?

Theosebes Goodfellow's picture

$100 million? Fucking peanuts. Corzine got off with $1.2 billion. Come back later Pakistan. Jon Corzine is a free man.

jeff montanye's picture

now, now it was only $81 million because the bandits misspelled "foundation".

the fed's not incompetent.

Nutsack's picture
Nutsack (not verified) jeff montanye Mar 11, 2016 5:47 AM

lol, socialist jew banksters steal money every day....why is this news?

JRobby's picture


bania's picture

Good one! Yellen & Co. put the "basement" in "debasement"!

ParkAveFlasher's picture

Wow, total Atlas Shrugged moment here, complete with farty old Bull Dykes atop incompetence pyramids and utter infertility in commerce and finance, diaappearing bulwarks, etc.  I'm waiting for white guys in industrial coveralls to come winging in from Colorado in Cessnas, brandishing crack-shot pistols and crying "gold, bitchez" but I'll probably get Bernie Sanders instead.  I need a drink.

Ghost of Porky's picture

100 mirrion dorra rimit at brack jack taber.

silverliberty's picture

He thought splitting sixes against a ten was a good idea.  They smoke and drink heavily and never sleep.  I will deal with them during my shift and then see them there the next day.  Where they get their money is perplexing to me.  Obviously, I deal to Asians a lot. 

warsev's picture

Case 1: Robber walks into bank says "Gimme $100M." Cashier gives him $100M and he leaves.

Case 2: Robber walks into bank says "Gimme $100M. Take it from Joe Glutz's account." Cashier gives him $100M and he leaves.

In (1) clearly the robber robbed the bank. The Fed would have the world believe that in (2) the bank was not robbed; Joe Glutz was.

sgt_doom's picture

Because it is safer there, after all don't you remember that missing $8.7 billion in Iraqi oil funds, supposed to be on account with the FRBNY (under chair, Geithner), managed under contract by JPMorgan Chase (managing director, Daniel Zelikow, Timmy's BFF), but somehow went missing, and the former Ex-Im Bank chair, Philip Merrill, would later commit "

suicide” just before he was to give an interview to several reporters on this subject --- he was out on his yacht in the Chesapeake Bay, and he blew off the back of his head with a shotgun, then picked up a 300-lb. anchor, dived into the ocean and swam 12 miles then anchored down his body --- pretty good for a fat, elderly, short old guy?

Amazingly, Dick Cheney just happened to purchase an estate (adjoining Rumseld’s) in direct line-of-sight to where they found Merrill’s anchored body!

pods's picture

I was gonna say blame it on the Gentile, but I guess Phillip Merrill had a last name.  

Guy gave away a lot of loot too. I was just at a wedding this summer across from the Cornell sailing center.


Tucson Tom's picture

There are black suburbans on their way to ST.Michaels to find out how much more you know.Watch your back,Sgt.!!! Sort of Paisley and Colbyesque. don`t they teach swimming at the Agency?

knukles's picture

I'd actually had dinner with a retired Bill Colby along with a couple other guys many may years ago.  Then a few weeks later I saw him again when he came into our shop for a presentation.  Not long after, he was found drowned.  He was quite a nice chap, seemed rather meticulous, polite and gentlemanly and had definitely impressed me as a guy who'd not take silly or risky chances.  Whole thing seemed off.

WillyGroper's picture

maybe just a jump start on Walpurgisnacht.

blood sacrifice and all.

logicalman's picture

On September 10, 2001 Donald Rumsfeld announced that the Pentagon can't account for $2.3 TRILLION.

I guess that story needed to be hidden in the biggest possible way.


AE911Truth's picture

On May 09, 2001 at the National Press Club in Washington DC, Steven Greer introduced dozens of highly credible witnesses from fields of commercial and military aviation, intelligence, other military, and private industry who swore under oath that they had direct personal knowledge of extra-terrestrial intelligent beings and their craft, and that the US and other governments intentionally hid evidence of this from the public. Among the technologies discovered aboard these craft were a clean source of energy that consumes no fuels, and that this technology if deployed on earth would eliminate the damages from contamination and pollution, and eliminate the cost to everyone globally, of coal, oil, gas and nuclear fuel industries.


I figure this suppression is the biggest crime in the history of mankind. What do you think?


What are you going to do about it?

Winston Churchill's picture

The money never leaves the SWIFT HQ in Brussels.

I believe they used to square up accounts on a monthly basis,prolly still use real ledger books.

Atomizer's picture

It's campariable to selling PET rocks as a asset increase of 20% year.they're so fucked in the derivatives lies.

Firepower's picture

WELCOME Bangladeshis to doing business (bubby) in the Wonderful World of Manhattan Goldberg-Sachs!

Slomotrainwreck's picture

$100, 000,000? You aint so bad! 

Shit. that's only around $0.1 Trillion. U aint nuffin.

ImmodestExtant's picture

0.0001 trillion, actually. Another great product of modern education.

Flankspeed60's picture

How did you get such good credit? If I just walk in the door they call the manager..............

BennyBoy's picture

"The problem is that the counterparty on the other side of the SWIFT order was not who the Fed thought, and what should have set off red lights is that the recipients was not the government of the Philippines but three casinos!"


Da FED is used to sending $ to private and public big corporations and companies. No red flags needed.


Another Aquino running the Phillipines? What's their cut on this transaction? Thats like a Bush or Clinton twit in charge. Does Aquino have a non-profit?

BorisTheBlade's picture

accountability fedstyle:

aaaaand it's gone. please step aside, this line is for countries that have money.

misappropriated money from one of the poorest: as per usual.

Terra-Firma's picture

Electronic transfers are traceable. I call bullshit.

pods's picture

Nah, they are like airline puts......

Urban Roman's picture

Exactly. They just disappear into the ether.

Nobody could have possibly known this would happen . .

BurningFuld's picture

One would think a Boeing 767 was traceable too but apparently not.

THE SOLUTION IS DEBT FREE MONEY CREATION (not verified) Terra-Firma Mar 10, 2016 3:53 PM

But once you convert it to chips and put it all on red then cash out it is clean as a whistle! Great plan actually!! I would have taken a cut to help them spell check the english!!! :)

localsavage's picture

"Electronic transfers are traceable. I call bullshit"   It is funny that they can figure out that some Mom and Pop store is depositing in 10k drops but we are supposed to believe that a hundred million of electronic transfers just up and vanishes.  Fuck them all with a broken bottle.

sgt_doom's picture

I ran across them on cached sites all the time when I'm researching the Web. . . (not kidding, but dead serious about this).