Five Foreign Nationals Found Involved in BB Heist, Says CID

Aug 17, 2025 05:27 0

Five Foreign Nationals Found Involved in BB Heist, Says CID
Photo: Collected

Daily Bijoy News Correspondent:

CID Finds Nationals from Five Countries Involved in 2016 Bangladesh Bank Heist Nationals from five countries were involved in the 2016 cyber heist of Bangladesh Bank’s reserves, according to a senior official from the Criminal Investigation Department (CID), the lead agency investigating the case. The foreign individuals implicated in the theft are from Sri Lanka, the Philippines, China, and the United States, the CID official said, requesting anonymity due to the sensitivity of the investigation.

The nearly decade-long probe has also uncovered the involvement of several Bangladesh Bank officials and employees, particularly from its Information and Communication Technology (ICT) Department. Some high-ranking officials of the central bank are also suspected of direct complicity, the official added.

The heist, one of the largest in cybercrime history, occurred in the early hours of February 5, 2016. Hackers used a sophisticated malware—deliberately activated from within the central bank’s ICT department—to gain access to Bangladesh Bank’s account with the Federal Reserve Bank of New York. They attempted to steal approximately $1 billion, of which $101 million was successfully transferred.

Most of the laundered funds were funneled through the Philippines' loosely regulated casino industry, taking advantage of weak oversight and banking secrecy laws. About $81 million was routed to the Philippines, while $20 million was sent to Sri Lanka. The Sri Lankan portion was recovered quickly, but the recovery of funds from the Philippines has been more difficult. So far, Bangladesh has been able to retrieve around $18 million.

The CID official noted that the investigation is in its final phase, and a charge sheet will be submitted soon. The FBI’s forensic report—detailing technical evidence and conclusively confirming foreign involvement—will be included in the submission. A formal request has been made to the FBI to provide an official copy of the report.

The case, initially filed on March 15, 2016, at Motijheel Police Station under the Money Laundering Prevention Act, was later transferred to the CID. Investigators have since examined over 100 witnesses and analyzed extensive technical evidence, including IP addresses, transaction records, network logs, and traces of the Dridex malware used in the attack.

The investigation has shed light on the international nature of the crime, the weaknesses in Bangladesh’s cyber infrastructure, and how insiders played a critical role in enabling the breach.

“We are working to ensure that the charge sheet is strong enough to bring the perpetrators to justice—both domestically and at the international level,” a senior CID official said.

The investigation has been a joint effort involving the CID, the FBI, the Philippines’ National Bureau of Investigation (NBI), and the Central Bank of Sri Lanka.

Daily Bijoy News/ EW