How do you steal $81million of ‘virtual’ money and make it disappear into the real world’s financial system? That’s the puzzle which authorities from the USA to the Philippines have been trying to decipher, and it involves a daring and cunning plot running all the way from banks of Bangladesh, through the hands of Chinese middlemen and the gambling rooms of Macau – and quite possibly ending up in the coffers of North Korea for their nuclear programme!
It’s a plot which any thriller writer would be proud to invent, a late-Friday afternoon bank hack and a Monday Chinese New Year timed to catch the security measures at, well half-measure – and the intent was to escape with more than ten times the amount which was eventually stolen – $951 million of the Bank Of Bangladesh’s reserves was there for the taking, and it was only a flagging switch which saved the rest from greedy hackers’ hands.
The Money is Gone
It all dates back to February 2016, although the planning for the world’s biggest cyberheist had obviously been in place for much longer, and it involves bank employees, gambling junket operators and casino owners, shadowy online hacking group Lazarus and all the way to identity theft, false signatures and convicted criminals.
‘Sums ranging from $6,000,039.12 to $30,000,039.12 went zipping from the New York Fed through Citibank, Wells Fargo, and the Bank of New York-Mellon,’ is how the Bloomberg report on the massive heist describes the first moves of the money after hackers had somehow managed to divert the Bangladeshi banks funds to fake accounts in the Philippines.
‘What’s required in the case of a theft like the one … is a mix of hacking wizardry to divert the money and some old-school laundering to clean it and cover the trail,’ Bloomberg stated, and Chinese junket operator Ding Zhe and his partner Gao Shuhua, according to investigators, were the old-school middlemen money launderers who used real and shell companies to funnel the stolen millions through the baccarat tables of Macau and beyond.
As the authors of the incredibly detailed investigation explain:
“The important thing for anyone looking to launder money through a casino isn’t to win. It’s to exchange millions of dollars for chips you can swap for cool, untraceable cash at the end of the night.”
And that’s exactly what Zhe and Gao did, using the cover of their junkets for Chinese businessmen, which have been detailed in many articles on these pages by myself among others. The junket operators and their backers front the money in Macau, the Triads enforce the debts back in China – simple and very effective.
Investigations and disappearances
This time, however, the sums were so large and the ‘players’ taken for a ride – the US and other countries banking system – that the full force of every major law enforcement agency were hot on their heels.
While the middlemen were essentially ‘disappeared’ by the Chinese authorities – Gao’s wife Yan claiming that police took her husband away ‘to a detention center in Ding’s home region,’ and was told by cops, “Don’t bother calling a lawyer” – others involved in the massive and audacious plan have been facing public hearings and criminal investigation, although the money is mostly long gone into the murky world of Macau and Chinese financial systems.
The North Korean Connection
But it’s the end point of the $81million which is the scary part of the story – and what befits the ‘thriller plot’ alluded to earlier – North Korea, home to Kim Jong-Un and the shadowy state-funded Lazarus hacking group who are cybercriminals number one on the world’s most wanted lists of online criminals.
“It’s a clear fact that these menacing groups are continuously preparing or attempting attacks on the financial sector,” South Korea’s government-funded Financial Security Institute said about Lazarus and related hacking rings in July’ claim Bloomberg, adding that: “About 90 percent of North Korea’s trade is with China”.
Steve Vickers, former head of the Hong Kong Police Force’s Criminal Intelligence Bureau who was interviewed by Bloomberg, stated that:
“Macau was traditionally one of the few locations where the Pyongyang government has managed to maintain covert bank accounts and interact with the global financial system’