‘Danger is over’: Bangladesh 'thwarts' cyber-heist bid by North Korean hackers

Bangladesh has blocked a bid to steal money from banks through cyber-attacks by a North Korean group of hackers called the “BeagleBoyz”, says the head of the government’s Computer Incident Response Team or CIRT.

Abdur Rahim Badal Chief Economics Correspondentbdnews24.com
Published : 8 Sept 2020, 06:21 PM
Updated : 8 Sept 2020, 06:24 PM

“There is nothing to be afraid of now. The danger is over,” said Tarique M Barkaullah, who directs the CIRT.

The US had recently alerted the banks around the world that the North Korean hackers were trying to steal money through transfers and cash withdrawals from ATMs.

Later, when the Bangladesh Bank warned about the risk of cyber-attacks, the banks limited online transactions in a move to ward off the threats.

Malware of “BeagleBoyz” had been found in three internet networks in Bangladesh, Barkatullah told bdnews24.com on Tuesday.

“The attackers mainly targeted the banks through the ISP networks. It has caused panic among the bankers,” he said.

The hackers could not steal money from the banks because the bankers took “proper” cautionary steps under the supervision of Bangladesh Telecommunication Regulatory Commission, the CIRT director said.

The bankers, however, were still being cautious, with online and ATM transactions suspended during night time in many of the banks after they received the central bank’s warning on Aug 27.

“The banks have taken the required measures. Nothing unwanted has happened yet,” said Serajul Islam, the spokesman for Bangladesh Bank.

Ali Reza Iftekhar, the chairman of the Association of Bankers, Bangladesh or ABB, said the banks put in place safeguards on their own following the warning.

Dutch-Bangla Bank has kept ATM services suspended from 11pm to 7am since last Thursday.

City Bank has also halted ATM transactions for the same period as the National Payment Switch and Bangladesh Electronic Funds Transfer Network pause services at 8pm every day.

City Bank is not allowing transactions through cards issued abroad either.

“These actions may cause the customers trouble, but these are part of security measures,” said Mashrur Arefin, the managing director of the bank.

One of the three networks where the malware was found is FASTCash 2.0.

The hackers tried to upload some files containing malware with a primary target to detect Point of Sales and ATM transactions and amounts of money stored in the ATMs, said Barakatullah.

The CIRT in an alert on its website published the names of files with a possible threat.