B'desh sleuth team here:

Breakthrough in Bangla bank cyber heist

by Manjula Fernando

Bangladesh Central Bank - thedailystar.net

Kim Wong gives evidence at the Senate probe on the Bangladesh bank heist on Mar 29, 2016. - AFP

Part of the recovered money - bdnews24.com

Shalika Perera, founder of Shalika Foundation

A team of Bangladeshi investigators on the trail of the missing million dollars from Bangladesh Central Bank arrived in Sri Lanka last Wednesday, amidst indications that they were more interested in finding the missing pieces in the puzzle, than pursuing criminal charges against the benefactor, Shalika Foundation.

With a mission to hunt down the mastermind or masterminds behind the massive cyber heist, the investigators were roaming in the Philippines and Sri Lanka last week, two months after a group of cyber criminals penetrated Dhaka's top bank and siphoned off millions of dollars.

Asked if they were planning to prosecute Sri Lankan suspects in Bangladesh, Subhankar Saha, Executive Director and Spokesperson for Bangladesh Bank told the Sunday Observer, "As the money has been returned, the Bangladesh Bank has no further interest in criminal procedure in that regard."

The Executive Director said the amount of the money transferred to Sri Lanka has been returned to the corresponding bank immediately as the transaction was blocked.

The Lankan transaction was blocked as a result of a diligent teller at the Pan Asia Bank Bambalapitiya branch. The unusual transfer to the Sri Lankan non-profit organisation and also a typo that read 'Foundation' as 'Fundation' goaded him into action. His attempt to verify the transaction triggered a chain reaction leading to the expose of a massive cyber attack on the Bangladesh Central Bank, just as it unfolded.

Wrongdoing

Shalika Perera, the founder of the Foundation, however, rejected this claim, saying "It was we who told the Bank to return the money, as we could not get the verifications on this transaction. The Bank told us the funds have come from Bangladesh and not from Japan International Cooperation Agency (JICA)," she told the Sunday Observer last week.

Vehemently denying any wrongdoing, Shalika said she should receive a token of appreciation for returning the money since most of the stolen US $ 81 million in the Philippines, is still untraceable.

"I wrote a letter of consent to return the money on February 12, when I heard that there was something wrong in the transaction," she said.

Shalika, a young business woman and mother of a child said she set up the Foundation to fulfil her dreams of becoming a politician one day and that she would not do anything to jeopardise her future.

She believed she was getting a grant from JICA through a middleman whom she had known for over a year, to fund an electrification project. The person was Priyankara Jayadeva who is alleged to have brokered this US$ 20 million grant from JICA.

It was to be split between Shalika Foundation and a low income housing project that Jayadeva was involved in. He was to retain US $ 11.12 million. However, JICA has denied any ties with the Foundation.

International hackers

"When Jayadeva brings down potential investors (Japanese nationals) to Sri Lanka, I facilitate their stay here spending a lot of money. I had no reason to suspect him," Shalika said denying Jayadeva or his Japanese colleague might be a party to international hackers. However, he had been out of contact since the story broke out and some of her claims need verification.

"They coordinated the project with four or five others and I think their names should be exposed," she said.

The businesswoman claimed that she met a Finance Ministry secretary three days after she received the money to get his advice on the transaction. The transfer of funds were made on February 5.

She also claimed that one of her companies was allegedly 'coordinating investors' for Lalith Kotelawela's wealth. She admitted her non-profit organisation was not registered with the NGO Secretariat since it was only a Foundation. But for official purposes she had visited the Secretariat on a number of occasions. "If they said they did not know about the Shalika Foundation, they are lying," she said.

Steal its credentials

When the news broke of the cyber heist implicating Shalika Foundation the NGO Secretariat denied that it existed. According to Shalika, Jayadeva had gone to Japan with his brother many years ago and later married a Japanese woman.

He shuttles between Sri Lanka and Japan on business. He and his Japanese partner, Thadasi Sasuki together run Hypak (Pvt) Ltd. and he resides in Tissamaharama.

Shalika Foundation would have received another US $ 25 million payment in a week's time, if the first transaction went ahead as planned. Jayadeva told her to expect another grant after the first one.

In the coming days, the Bangladeshi Bank heist probe might take a major turn as investigators suspect the hackers may have received inside help to penetrate the Bank's system and steal its credentials for SWIFT messages. The Dhaka Tribune reported the CID believes some bank officials at the Central Bank might have facilitated the hackers. Meanwhile, the Chinese Casino junket operator in Manila, Kim Wong who is embroiled in the case was summoned before the Philippines Senate for the fourth time. Bangla newspaper Prothom Alo reported Wong as saying that he received the money from two gamblers in Macau and Beijing.

He has returned US $ 4.63 million out of US $ 5 million transferred to him through a foreign exchange broker and has promised to return what is left of another US $ 21 million which came to one of his bank accounts to buy gambling chips.

The balance had been received by another Casino operator in Philippines. Casinos in Philippines are outside anti-money laundering laws.

The hackers walked away with US$ 81 million, way short of their targeted US $ 1 billion after the Shalika Foundation debacle. The Federal Reserve Bank of New York had apparently received over 30 SWIFT messages using stolen credentials and codes to transfer Dhaka funds to accounts in different countries and the Fed Reserve had complied.

The Fed Reserve said they received fully authenticated SWIFT messages and their system was not compromised at any level.

The investigators believe that the hackers gained control of the Bangladeshi Central Bank's system with a malware known as Remote Access Trojan. It helped the cyber criminals to gain remote control access to the Bangladeshi Central Bank computers and steal credentials to authenticate illegal transactions from the Federal reserve.

Court order

A spokesperson for the Bangladeshi High Commission in Colombo Ms.Maleka Parveen told the Sunday Observer that a team from the Bangladeshi Criminal Investigations Department arrived in the country on Wednesday afternoon.

The three-member team includes a woman officer. When contacted by the Sunday Observer she said they were prepared to speak to the media after they conclude their investigations in Colombo in a few days.

The Court on the request of Sri Lanka's CID has imposed a travel ban on Shalika Perera, her husband, middleman Jayadeva and four directors but the Foundation and four other companies registered under her name - Suulaa House Private Ltd., Ads Media Private Limited, Oraz International Property Developers and Construction Private Limited and Pradeep Auto Parts Private Limited face no restrictions to operate, she said. There was a court order to freeze her bank account but it was lifted after a week. According to her, none of the projects planned by her since the Foundation was set up on October 7, 2014, has seen the light of day due to financial constraints.

Meanwhile, the Financial Intelligence Unit (FIU) of the Central Bank and the CID refused to divulge any details of the case saying investigations were still ongoing.

Special credit: Badruddoza Babu Special Correspondent, Maasranga Television Dhaka, Bangladesh assisted in compiling the copy.