How to STEAL $1bn - A look at the Bangladesh Bank Heist

Published 2021-05-18
The Bangladesh Bank Heist is one of my favourite TRUE stories from the world of Cyber Security. It's almost unbelievable, and if it doesn't turn into the plot of an "Ocean's 11" movie one day, then I'll eat my hat. Here I talk through some of the key malware features and hopefully give you an insight into what it's like to examine malware that is capable of stealing a billion dollars!!

LINKS
=====
www.justice.gov/opa/press-release/file/1092091/dow…
baesystemsai.blogspot.com/2016/04/two-bytes-to-951…

MALWARE SAMPLE
================
app.any.run/tasks/d2132438-bb0e-4eb4-88ee-7c12dfcd…

Colin
@cybercdh

All Comments (21)
  • @jorgga
    Most underrated channel of the YouTube. Great content. Really interesting. Never give up!
  • @para0x0dise
    Great contents as usual I hope to share more federal indictments
  • Nice one Colin - would like to see a much more in-depth dive into this attack.
  • @soufianefariss
    You looked really excited explaining the analysis. I enjoyed watching the video. Cheers.
  • @piorrro33
    awesome video, it's very clear that you keep improving. rhythm was great, sound was good, video supports were appropriate all along. loved it
  • Hi Colin, great stuff as always. I looked for an MSI downloader sample analysis in your channel. Would you please make a video about how to approach this type of malware and especially how to extract Custom Actions from it? Thank you for the great content.
  • @m4rx05
    That was enjoyable. Looking forward to more! :)
  • @bizbouk
    Sorry for turning up late to this one! Another great deep dive Col’ as always! Hope you keep well?
  • Regarding the assembly where the RC4 is identified, how do you first narrow down on the interesting parts and end up looking at the right pieces of disassembled code?
  • @Elkatook666
    great video, as always people STOP opening links at work!
  • Is it possible without the involvement of SOMEONE inside the BB.......?????