Woman Used As Pawn In Bangladesh Cyberheist?

SHUTTERSTOCK

The plot thickens in the investigation of the Bangladesh hack.

A Sri Lankan small business owner, who received $20 million of the $101 million that was stolen from Bangladesh Bank’s account at the Federal Reserve Bank of New York last month, is claiming to have had no knowledge of the funds’ disreputable path to her.

The woman, Hagoda Gamage Shalika Perera, told Reuters that the $20 million deposit, in and of itself, was not a surprise, as she had been expecting that amount to be transferred to the account of her Shalika Foundation, which constructs low-cost houses and provides other social services in Sri Lanka, from the Japan International Cooperation Agency (JICA) to help fund a power plant and other projects.

The wrinkle here is that Perera claims to have had no direct dealing with JICA and the arrangement was brokered by an acquaintance.

JICA, meanwhile, has stated plainly that it has no knowledge of the deal Perera describes, with agency spokesman Naoyuki Nemoto telling Reuters, “We have had no exchange with [the Shalika Foundation], and that includes such areas as loans and grants.”

Perera’s explanation is that the aforementioned acquaintance was either a victim of the hackers or was acting in league with them; in either case, Perera attests that she was set up by the cybercriminals.

On a copy of an inward remittance advisory from the SWIFT bank messaging system to deposit the $20 million in Perera’s account that she provided to Reuters, the remitting entity was shown as the Bangladesh Rural Electrification Board — the head of which is, like JICA, not exactly supporting Perera’s version of events.

Agency Head Brigadier General Moin Uddin commented to Reuters, “Maybe [the hackers] used this government organization’s name to make it believable.”

Police in Colombo, Sri Lanka, have questioned Perera’s acquaintance, and he reportedly told them that there was yet another middleman involved in the deal. So, things appear to be going in circles.

While the mystery looms as to whether Perera was a willing participant in the Bangladesh hack or, as she attests, an unwitting pawn of the cybercriminals behind it, she — along with her husband, four directors of her company and the unnamed acquaintance — is under an order from the Colombo Magistrate’s Court that prevents her from leaving the country.