Trail in cyber heist suggests hackers were Chinese: senator

Bangladesh central bank

By Karen Lema

MANILA (Reuters) – A Philippine senator said on Wednesday that Chinese hackers were likely to have pulled off one of the world’s biggest cyber heists at the Bangladesh central bank, citing the network of Chinese people involved in the routing of the stolen funds through Manila.

Unidentified hackers infiltrated the computers at Bangladesh Bank in early February and tried to transfer a total of $951 million from its account at the Federal Reserve Bank of New York.

All but one of the 35 attempted transfers were to the Rizal Commercial Banking Corp (RCBC), confirming the Philippines’ centrality to the heist.

Most transfers were blocked, but a total of $81 million went to four accounts at a single RCBC branch in Manila. The stolen money was swiftly transferred to a foreign exchange broker and distributed to casinos and gambling agents in Manila.

“The hacking was done, chances are, by Chinese hackers,” Senator Ralph Recto told Reuters in a telephone interview. “Then they saw that, in the Philippines, RCBC particularly was vulnerable and sent the money over here.”

Beijing was quick to denounce the comments by Recto, vice chairman of the Senate Committee on Finance and a former head of the Philippines’ economic planning agency.

The suggestion that Chinese hackers were possibly involved was “complete nonsense” and “really irresponsible,” Chinese foreign ministry spokesman Lu Kang told reporters.

Recto said he couldn’t prove the hackers were Chinese, but was merely “connecting the dots” after a series of Senate hearings into the scandal.

At one hearing, a Chinese casino boss and junket operator called Kim Wong named two high-rolling gamblers from Beijing and Macau who he said had brought the stolen money into the Philippines. He displayed purported copies of their passports, showing they were mainland Chinese and Macau administrative region nationals respectively.

“BEST LEAD”

Wong, a native of Hong Kong who holds a Chinese passport, received almost $35 million of the stolen funds through his company and a foreign exchange broker.

The two Chinese named by Wong “are the best lead to determine who are the hackers,” said Recto. “Chances are… they must be Chinese.”

The whereabouts of the two high-rollers were unknown, Recto added, saying the Senate inquiry “may” seek help from the Chinese government to find them.

Recto also questioned the role of casino junket operators in the Philippines, saying many of them have links in Macau, the southern Chinese territory that is the world’s biggest casino hub. “There are junket operators who are from Macau, so it (the money) may find its way back to Macau,” he said.

A senior executive at a top junket operator in Macau told Reuters there was “no reason” to bring funds from the Philippines to Macau.

“This seems more like a political story in the Philippines,” he said, speaking anonymously because he was not authorized to talk to the media.

The U.S. State Department said in a report last month that the gaming industry was “a weak link” in the Philippines’ anti-money laundering regime.

Philrem, the foreign exchange agent, said it distributed the stolen $81 million to Bloomberry Resorts Corp, which owns and operates the upmarket Solaire casino in Manila; to Eastern Hawaii Leisure Company, which is owned by Wong; and to an ethnic Chinese man believed to be a junket operator in Manila.

Wong has returned $5.5 million to the Philippines’ anti-money laundering agency and has promised to hand over another $9.7 million. A portion of the money he received, he said, has already been spent on gambling chips for clients.

Solaire has told the Senate hearing that the $29 million that ended up with them was credited to an account of the Macau-based high-roller but it has managed to seize and confiscate $2.33 million in chips and cash.

(Writing by Andrew R.C. Marshall; Additional reporting by Farah Master in Hong Kong; Editing by Raju Gopalakrishnan)

Romania Focus Of Data Breach Investigation

Investigators looking into the massive data breach at Target and Neiman Marcus stores originated in Romania.

The total of customers whose personal data was stolen in a hacking attack on retail card machines continues to climb.  The latest reports now put the total over 110,000 potential victims of the hacking attack.

The FBI and U.S. Secret Service officials say that over the last year they have been involved with numerous arrests in Romania connected to hacking attacks on U.S. computers.  The rise of cybercrime has been so significant that the Council of Europe has opened an office in Romania’s capital focused on cybercrime.

The U.S. Embassy in Romania said that 80% of cyber attacks from Romania focus on American citizens.  They estimate $1 billion a year is stolen by Romanian hackers.

6 New York Cybercriminals arrested for stealing $45 million

Six people were arrested and charged Monday for stealing $45 million in a worldwide ATM heist.

The five men and one woman were accused of being members of an international cybercriminal organization that targeted prepaid debit cards issued by Middle Eastern banks. They deleted withdrawal limits from compromised accounts then sent teams of “cashers” to make synchronized withdrawals from ATMs worldwide. The six that were arrested visited over 140 ATMs in New York City and withdrew approximately $2.8 million.

“This case is another example of the ability of cybercriminals to inflict significant damage to world financial systems,” said Steven Hughes, Special Agent in Charge of the United States Secret Service New York field office.

Five of the defendants have pleaded not guilty in federal court. The sixth defendant is expected to be arraigned Tuesday. Each person faces up to 7.5 years in prison and a fine of up to $250,000.