Bangladesh Bank reclaims $15m from casino following $81m cyber heist

Embarrassed Bangladeshi central bank claims back some of the money lost in February's cyber attack

Bangladesh Bank, the central bank that lost $81m in a cyber heist perpetrated in February, is set to reclaim $15m of its lost money from a casino in Manila, the Philippines, where the thieves attempted to launder some of the stolen funds.

It follows a ruling in September that the Bank was the rightful owner of the $15m surrendered by the Eastern Hawaii Leisure Company. Its owner, Kim Wong, returned the $15m in a combination of US dollars and Philippines' peso taken from what Reuters describes as "two Chinese high rollers". The casino, though, has denied any role in the theft.

The funds are now in the vaults of the Philippine central bank, awaiting transfer back to accounts belonging to Bangladesh Bank.

"The writ of execution that the money be handed back to Bangladesh has already been done by the court," John Gomes, Bangladesh's ambassador to the Philippines, told Reuters. "The good thing is now that the process on this $15m is more or less completed, we will go for the rest."

It is unlikely, however, that Bangladesh Bank will be able to trace much more, although it could take legal action against other organisations suspected of helping to launder the stolen funds.

Bangladesh Bank lost the money in February this year when it was subjected to a cyber attack that enabled the attackers to use its SWIFT international payments terminals to set-up a series of transfers totalling $951m.

The payments, set-up on a Friday - the start of the weekend in Bangladesh - were made via the Bank's account with the New York Federal Reserve to a series of different 'front' accounts in the Philippines and Sri Lanka.

Because the transfers were timed to take place at the weekend, officials at both the New York Federal Reserve and Bangladesh Bank struggled to contact each other to confirm or halt the transfers.

The series of transfers was only suspended after a clerk at one of the correspondent banks forwarding one of the transfer spotted an egregious spelling mistake in the name of one of the beneficiary accounts.

The malware used by the fraudsters had also been used to delete records of the transfers from audit print-outs used to double-check transfers at Bangladesh Bank.

The Bangladesh Bank heist only came to light in April, two months after the attacks, and it subsequently emerged that it was just the biggest of a series of attempted cyber attacks targeting banks and the SWIFT payments system.