As a computer programmer, Swift is amazing, they use pretty weak identifiers (all textual, person/company name, bank name, bank address), and yet the whole system works perfectly as if based on hard unique identifiers.
@@tomlxyz I'm implying that because it's about money, everything is double checked and triple checked and very very few people actually have access to the swift system.
@@manu144x imagine being at a party and somebody asks what you do for a living and you have to say: "Oh, you know, nothing glamourous, I check bank transfers for typos. All in a day's work for stopping bank heists"
That’s how the Printer companies make their money- you don’t seriously think there is a serious profit margin on a $59 multifunction inkjet printer? The printer is the loss leader. It’s the ongoing revenue from ink sales that are the real revenue stream. It’s just like new cars and buying new car parts car headlights on new cars are insanely expensive, as no aftermarket manufacturer makes them for at least the first three years, so the car manufacturer has the monopoly on car parts for new cars…
Screw ink-jets, I got a nice Canon laser printer instead. It print pages in less than 5 seconds with perfect laser sharp lines and gray-scale graphics. Oh, and the toner costs me about hundred bucks per year, sometimes less. :)
@@hotstepper6303 for real though, how dare they slander that printer we fellow humans will usually always be the weakest link in any cybersecurity aspect of a job
Without the printer they prob would have not gotten much of anything, the printer was a great decoy that people were focused on rather than being focused on their jobs, seriously it was a pivotal piece.
The majority of the heist was based on them doing it when no one was in the office because of the weekend and holiday. Printer could of printed it right there and then but it makes no difference if no one is there to read the print outs.
it's a terrible video and clearly he has no idea what he's talking about, it's just cool visuals and "oh there's this impenetrable system and these hackers found their way in, and also theres a printer" like lol. just shows that ppl would watch anything if the story is linear enough and the visuals look nice
Actually, the team behind Fern made a video about this, but only on their German channel. However, I feel like the quality of the cypher video is actually higher. Incredible job!
I'm from the Philippines and I remember this story way back 2016. The Branch Manager of that RCBC Bank was charged and now facing 30 plus years in prison time, she appealed the case last 2019 and was denied by the Court of Appeals citing that all elements of money laundering was present and reiterate that she knew that the transaction is fraudulent. I guess she received a huge amount for this money laundering transaction.
Whoa!! So although this video presented so many genuins moves by the hackers, at the end of the day if there wasn't corruption on the ground level it would've been impossible? Or was she just an innocent person pushed out as scapegoat lol, which honestly feels possible too
@@millienexu5684na it’s definitely corruption, otherwise it would be impossible for newly opened personal account to receive such a large sum without getting flagged and checks for suspicious activities.
Who still allowed e-mails with attachments to directly pass through to employee mailboxes in 2015 simply doesn't deserve any better. In our company, not even HTML messages are allowed to pass through to employee accounts. Employees only get plain text e-mails, never anything else. If the mail contains no plain text message, the incoming mail server translates the HMTL text to plain text before forwarding it. If there are attachments, those are stored on an extra server and are then stripped from the mail. Even if hackers manages to hack the incoming mail server, it's outside of the internal network (before the main firewall) and has no access to anything internally. It can only forward messages to the internal mail server (that will drop all mails containing attachments or HMTL immediately without further notice) and it can upload attachments to the attachment server (there is no external interface for downloading attachments). So even if attackers get total control of the incoming mail server, they cannot access attachments from any other mails and if they disable stripping HMTL/attachments, then these mails never go anywhere as the next server in the process chain will just drop them without even trying to process them. There is no way you can hack into our network by using an exploit in HMTL mails or by adding malicious attachments, as none of this ever reaches any employee. Further sending the same (or a very similar) message to multiple employees one by one will immediately cause that message to be blocked as spam for all employees, because this is no normal use case. Either a message is for one specific employee only or it is for a group of them but then it is send to an internal group distribution address (e.g. every team has a team address for that purpose) or it is send to all the related employee at once (multiple TO or CC). Everything else is clearly spear fishing and performed by someone who doesn't even know the group addresses or who has no idea which employees belong to the same team.
@@StarWarsExpert_ It's different for some companies. An erroneously blocked or even just delayed email might cost a bank a huge amount of money. Of course there are compensating measures. Employees with access to potentially dangerous email attachments won't sit in the same network as...the printer which prints out every transaction? Any unexpected TCP/IP, UDP, GRE, ... packet must disconnect the suspected PC from the network, immediately followed by a snatch-&-grab of the hardware (for malware analysis) and the employee. Still, I remember one case, less than 10 years ago, where a CD was physically mailed to the bank. This one went straight to malware analysis. Of course, the Bangladesh bank's security system was just the boss checking printouts after the weekend.
This sounds great but are you also working in a bank? Never heard of a company that does this yet in my line of work. In my current job, most of the employees work remotely so the vulnerability increases but we just simply have no access to the payment information of the customers. My company also did not provide any work computer so we are just using our personal one.
@@Bums001 I work for an IT company. We mainly produce and sell software, we also sell some IT services, and we run our own cloud infrastructure. The only two valuable things you can steal from us are source code and customer account information (names, addresses, phone numbers, what company they work for, etc.). You can't steal customers' private data because data in our cloud, unless it is public, is always end-to-end encrypted (not even we have access to this data, only the customer does), you can't steal passwords (we don't store passwords, we store only salted hashes of passwords, so not even we know our customers' passwords), and you can't steal money (we have no records of bank accounts or credit card numbers because we don't process payments ourselves, we use an external payment processor for that). So we are not even a valuable target and yet we have all these security measures. It's a shame if a valuable target has fewer security measures than we do. However, hackers cannot know whether we are a valuable target or not, so they try anyway. Our mail concept filters several spear-fishing attempts a day, and our main firewall's intrusion alert goes off several times a week where people are actively trying to break into our cloud systems using known security exploits that our firewall blocks, and that wouldn't have worked anyway because our systems are all patched against them. Without all these security measures, we would probably get hacked several times a year.
you don't have to figure out that an international bank uses SWIFT you can't assume SWIFT is a state of the art system, it's been running for many decades and could be the archetype of 'this old software banks run'
@@Iden_in_the_Rain A lot of it is due to the sheer cost of replacing those systems. They're slowly doing it, but it's cost is apparently multiple billioms of dollars to replace these old systems. Financial institutions are heavily interconnected, so changing or updating systems is a long process.
Indeed. Also, they didn't hack SWIFT. They hacked the BANK! using THEIR terminal to make legit SWIFT transactions. Breaking into the SWIFT network is way more involved. (those are very strongly encrypted links, and messages.)
2:00 so... They allowed emails with arbitrary attachments. Several employees just opened the attachment. "Over the following year the hackers..." hold up. They didn't notice someone was in the network for a YEAR!?
The boss fired all the security experts to save money and make $$$ fast. And the remaining employees were paid so badly, they couldn't even afford clothes!
How else are they supposed to photocopy their butts? You _know_ that's the first thing techs do when they get a machine working after fighting with it for two days straight.
Relying a printer for banking in 2024 is the most ridiculous thing ever. Keep a digital log with cryptographic proof and archive it on hard drives or optical storage. Regardless, as soon as the printer stopped working they should have stopped all transactions.
Correct. Many of the transactions were flagged for human verification - too large, too many, etc. And some were canceled due to simple, stupid "typos". Managing to "only" walks away with 81mil is still impressive.
If I'm not wrong Bloomberg published a fantastic article on this. And there's a bunch of good videos on this, including from Jack Rhysider - my fav darknet/hacker podcast (also on YT).
Our financial system is a fucking joke. Any 5 year old could point the flaws in this pathetic "system". A fucking weekend is enough for banks to not be able to communicate? Are you fucking kidding me?
@@bluebon5228 I mean, when you crash your car at 2am on a sunday firefighters will cut you out and paramedics will save your life.... But when hundreds of millions is on the line- money that could save tens of thousands of lives- "I sleep"
Its really funny that banks dont operate during weekends and bank holidays. In an era where everything is 24/7. Imagine airlines operating only 9-17 on weekdays 😀 or hospitals, or taxi drivers, or restaurants and clubs..this is pathetic
I think its a leftover from 80s and 90s systems maybe. Its only a guess, but i think banks still rely on old procedures from these times and didn't upgrade.
This is why basic on-line awareness training is such a big deal. Dropping a few grand on constant reminders to not accept or launch random apps on your workstation is much cheaper than having a compromised network.
So, on a slightly different note, why are all these animated workers sans trousers? Is it because they had to pay back the billion they lost from their wages, and can no longer afford pants? Hmmm.
I guess the Boss fired all the expensive cybersecurity specialists and only kept the ones which were paid so badly that they couldn't afford clothes. But I think this ingenious "make $$$ fast" solution backfired.
As someone who works in security, NEVER click on email links you aren't expecting. Most major compromises are because people click on links they shouldn't. I REPEAT: never click on random links!
As someone who also works in security: clicking on links almost never harms you. Whatever comes next, does. No hacker is gonna waste their valuable 1click exploit in a stupid fishing email. If you don’t enter your stuff into the page, not much at all can happen.
I'm a first time viewer and I'm only 5 minutes in but I really want to compliment the graphics and even extended 3D animations. For the production quality, the amount of views is criminal
6:50 - Slight misconception. Yes the weekend starts on "Thursday night" meaning generally Fridays and Saturdays are off, Sunday is a working day. Basically Bangladesh being an "Islamic country" means that Friday is rest for them. For Jews is Saturday and for Christians it's Sunday. In fact on avarage people in Bangladesh work 2,232 hours per year, the 7th highest in the world. For context people in the US work 1,765 hours per year, being at 39th place. EDIT: I checked on their official website. Yes, only Fridays and Saturdays are off. Thursdays and Sundays are working days. That graphic is really really misleading.
Are all these channels affiliated? These super polished and well done channels keep popping up with similar animation styles and everything. The intro is a lot like fern too. I mean I'm not complaining I guess, just wondering what the heck is going on lol
I'm not making any claims or anything But the video takes a similar path as Kento Bento's story and it just feels like they changed a couple of sentences and stuff Allegedly
@@ryanatkinson2978 It's far too convincing to be normal text to speech, which is incapable of making assumptions about broader sentence tone. At the same time, it blurs numerous words together in a fashion that is clearly not a native speaker, but far too smooth to be a non-native speaker. Basically, it mimics the speed variance of natural speech without fully understanding where speech normally speeds up
@@kylebisson1498yeah, I noticed the weird cadence changes and blending of words and just assumed a non-native speaker. You’re probably right that it’s AI.
5:43 its funny cause, Sri Lankan major government websites got hacked by a 17 year old once. I was thinking about that, and suddenly Sri Lanka was mentioned.
Phishing is still so ridiculously easy, it's a disgrace. Even well-trained, educated people just cant get it through their thick skulls that there are more important things in business than pleasing your manager and getting the completely, totallly, utterly insignificant business report done on time. It's no wonder the phishing business is booming.
The way the videos are made reminds me strongly of Hoog and fern. Do you have anything to do with the other two channels? Regardless of that, very good quality, keep it up👍
It is actually quite sad people think opening zip files would be a problem. It is just a file with compressed data. The problem was surely in the operating system and they probably werent using linux. But hey add more workarounds about whatbis dangerous instead of handling the core issue that is windows (which could mostly be replaced by a browser kiosk).
Subbed yesterday since I immediately fell in love with the content. There's 22k subs now (2.8.2024) - just making myself a note when you'll hit 500k in a year ❤❤
In other words: The hackers where smart enough to not get cought and the USA inteligence wasn't willing to admit that a civilians could outsmart them, so they blamed North Korea.
Because workers in North Korea have about zero rights. In about every other country, "hackers" enjoy a 9-to-5 job. Yes, the time of an attack can indicate which time zones the "hackers" are in. Only in North Korea, hackers are forced to work overtime, every day. Although many North Korean hackers from outside the country, as the North Korea has only a pool of 1000 IP addresses (some sponsored from China). However, it's still not easy to defect from the North Korean Cyber Army (although a few did). Yup, Cyber Army, not civilians (just like APT28 is just a short name for Russia's General Staff Main Intelligence Directorate 85th Main Special Service Center military unit 26165). Oh well, and malware analysts will find similarities in the attach and code, which they can connect to previous and future attacks, groups and states. Although the malware was suspected to have originated in Russia, it's similar to other malware used by Lazarus Group. And a North Korean C2C server IP address was identified during the analysis. I do not know what happend to the accomplice (or the accomplices) in the Bangladesh bank, and whether they could provide any information about the attackers. Note that North Korean groups have large overlaps, and Lazarus Group is the name given for all North Korean state-funded groups. The subgroup behind the Bangladesh is probably APT38. Yes, I consider it plausible, even though *I* cannot prove it..
Printers and security ... In '95 I was briefly working at a company which had no internet connection. The internal network was using arbitrary IP addresses, not RFC 1549 private IPs. Eventually the company got internet which meant we had to renumber the network. Somehow that was mostly working right but printing didn't work for a few clients. Turns out these machines somehow had not picked up the IP address change of the printer and were still printing to the old IP address. Here's were Murphy enters the stage. The IP address happened to be an actual printer somewhere in Sweden and it happily accepted print jobs from Germany.
No, they did lose the money but the majority was recovered. That money was tied up in a transfer and could not be sent to their legitimate customers until it was released.
If Cipher continues making videos on this same level of production, storytelling, and precision, mark my words they will become one of the biggest documentary channels on the platform. Up most respect to the team 🤍
In the aftermath, RCBC got slapped with the biggest fine ever levied by the Bangko Sentral (Philippines' Central Bank) and their CEO was forced to resign because of this booboo. KYC / AML controls also got significantly tighter system-wide after this fiasco - not that there aren't significant loopholes still in place in the financial system, but I can say it got significantly smaller.
Thank's everyone for the support on the video! If you liked it, please consider subscribing. We have so much cool content in the works :)
your the best
great work , can you your workflow and software used , is it solely your or team i wonder !
Good video! And great channel!
At 14:40 there's a misspelling of the Lazarus / Lazarous Group... Ooops a mistake like the hackers did. lol
Could you maybe tell me what kind of music you used at the end of the vid🙏🙏🙏 PLEASE, I need it!!
A German bank denying a 20 million transaction for a typo is the most German thing ever
As a computer programmer, Swift is amazing, they use pretty weak identifiers (all textual, person/company name, bank name, bank address), and yet the whole system works perfectly as if based on hard unique identifiers.
@@speakertomeat Because in reality it's a human based system. They rely on humans to do all the checking.
@@manu144x are you implying that humans make less mistakes?
@@tomlxyz I'm implying that because it's about money, everything is double checked and triple checked and very very few people actually have access to the swift system.
@@manu144x imagine being at a party and somebody asks what you do for a living and you have to say: "Oh, you know, nothing glamourous, I check bank transfers for typos. All in a day's work for stopping bank heists"
if you bought a HP printer, you also know how it feels losing a billion dollars to a printer. The cartridge prices are ridiculous
HP, Epson, Canon - all of their ink costs more than its weight in gold.
lol
That’s how the Printer companies make their money- you don’t seriously think there is a serious profit margin on a $59 multifunction inkjet printer? The printer is the loss leader. It’s the ongoing revenue from ink sales that are the real revenue stream. It’s just like new cars and buying new car parts car headlights on new cars are insanely expensive, as no aftermarket manufacturer makes them for at least the first three years, so the car manufacturer has the monopoly on car parts for new cars…
Screw ink-jets, I got a nice Canon laser printer instead. It print pages in less than 5 seconds with perfect laser sharp lines and gray-scale graphics. Oh, and the toner costs me about hundred bucks per year, sometimes less. :)
@@BillAnt Depends what you need. I need the ability to print in full colour and on thick paper. Your solution would not be viable for my needs.
as a printer technician I can hardly believe that they were physically printing every transaction log on one single printer....
As a photocopier technician I can 100% agree!
@@Mr.QuantumC0re as a laser printer & fax technician I couldn't agree more
@@samredmond9929 😄!
@@samredmond9929 You speak fax AND printer, damn.
fax! It's no wonder the printer was always broken
Summary:
Q: How A Printer Lost A Country $1,000,000,000?
A: Employees opened an email attachment.
😂
Yeah! The printer was being blamed for no reason. Instead it was becoming a problem for the hackers.
@@hotstepper6303 well the printer was to get people to click on the video
Completely agree. Copier Technician here, clicked the link to see how they did this, annnnnnd they didn't.
@@hotstepper6303 for real though, how dare they slander that printer
we fellow humans will usually always be the weakest link in any cybersecurity aspect of a job
0:17 If I was the director, my biggest concern wouldn't the printer, but the fact that the staff work completely naked.
Yes. But the director didn't complain...he had no balls...
I think it matters who the staff is as to whether or not that's a problem X)
LMAO funniest shit i've seen in a while
@@klausstock8020THE DIRECTOR.. HAS NO BALLS, THE STAFF HAVE 2 BUT VERY SMALL🗣️🗣️🗣️🗣️🗣️
@@El_Negro2003 For comparison: how to protect your bank's money *with balls of steel:*
ua-cam.com/video/KAvqDF3Wujc/v-deo.htmlsi=1yU_4s5cg4eMFXXO
Who the heck opens a zip file thinking it's a job application
Loads of stupid people. Sadly, too many of them work for banks. (it's why I won't even admit to having anything to do with computer/network security.)
I've seen people opening scripts thinking they are written reports just because "they are coming from a reputable source"
almost anyone and everyone. you can give them extensive training on what not to do. users will STILL open it.
When I saw that at 1:35 I was laughing my ass off. Woowza! Hate to say, but dummies actually deserve it. lol
majority of the banks automatically reject emails with ZIP files attached
Correct Title: How A Printer Played A Very Small Role In A Country Almost Losing $1,000,000,000
Without the printer they prob would have not gotten much of anything, the printer was a great decoy that people were focused on rather than being focused on their jobs, seriously it was a pivotal piece.
That isn't just a very small role buddy.
The majority of the heist was based on them doing it when no one was in the office because of the weekend and holiday. Printer could of printed it right there and then but it makes no difference if no one is there to read the print outs.
@@xijinpooh8210 Ah you can't explain some things to some people, it's beyond them or they just didn't really fully hear out the matter.
it's a terrible video and clearly he has no idea what he's talking about, it's just cool visuals and "oh there's this impenetrable system and these hackers found their way in, and also theres a printer" like lol. just shows that ppl would watch anything if the story is linear enough and the visuals look nice
Reminds me of a Disrupt or Fern video. 7.2k views is criminally underrated for this quality of production and storytelling. Keep it up!
I completely agree. The level of editing and quality is absolutely stunning especially for a small creator.
hopefully this channel doesn't end up like Disrupt...
@@ishid_anfarded_kingYep
Actually, the team behind Fern made a video about this, but only on their German channel. However, I feel like the quality of the cypher video is actually higher. Incredible job!
simplicissimus already made a very similiar video... ua-cam.com/video/_Veu-lL5zrw/v-deo.html
to be fair his visuals are different
that was a goat level editing and representation. hats off to the team
Thank you, means a lot! The videos are only going to keep getting better and better.
You are feeling frisky@@Cipher-HD
Stolen
It's all AI
All good except for Naked mannequins hanging out with SWEATER wearing mannequin 😂
So, Thor from Pirate Software was right! "If the printer makes a weird noise, I shoot it."
elaborate
@@Oskha_ There is nothing to elaborate about this.
Hello, fellow goblin :LUL:
@@Oskha_ He's referencing a Twitch Streamer PirateSoftware
The only right move
As a Bangladeshi Cyber Security researcher I thoroughly enjoyed the video.
My hamster is as smart as Bangladeshi Cyber Security researcher. At least, according to this video.
is Sat, Sun weekend in Bangladesh ?
@@anreoil it is sad that you are not as smart as your hamster.
LOL *CYBER* that word quickly got wore out in murika in the 90s lol.
@@PatrickBaptistwhat are you saying
I'm from the Philippines and I remember this story way back 2016. The Branch Manager of that RCBC Bank was charged and now facing 30 plus years in prison time, she appealed the case last 2019 and was denied by the Court of Appeals citing that all elements of money laundering was present and reiterate that she knew that the transaction is fraudulent. I guess she received a huge amount for this money laundering transaction.
Whoa!! So although this video presented so many genuins moves by the hackers, at the end of the day if there wasn't corruption on the ground level it would've been impossible?
Or was she just an innocent person pushed out as scapegoat lol, which honestly feels possible too
@@millienexu5684na it’s definitely corruption, otherwise it would be impossible for newly opened personal account to receive such a large sum without getting flagged and checks for suspicious activities.
Who still allowed e-mails with attachments to directly pass through to employee mailboxes in 2015 simply doesn't deserve any better.
In our company, not even HTML messages are allowed to pass through to employee accounts. Employees only get plain text e-mails, never anything else. If the mail contains no plain text message, the incoming mail server translates the HMTL text to plain text before forwarding it. If there are attachments, those are stored on an extra server and are then stripped from the mail. Even if hackers manages to hack the incoming mail server, it's outside of the internal network (before the main firewall) and has no access to anything internally. It can only forward messages to the internal mail server (that will drop all mails containing attachments or HMTL immediately without further notice) and it can upload attachments to the attachment server (there is no external interface for downloading attachments). So even if attackers get total control of the incoming mail server, they cannot access attachments from any other mails and if they disable stripping HMTL/attachments, then these mails never go anywhere as the next server in the process chain will just drop them without even trying to process them. There is no way you can hack into our network by using an exploit in HMTL mails or by adding malicious attachments, as none of this ever reaches any employee.
Further sending the same (or a very similar) message to multiple employees one by one will immediately cause that message to be blocked as spam for all employees, because this is no normal use case. Either a message is for one specific employee only or it is for a group of them but then it is send to an internal group distribution address (e.g. every team has a team address for that purpose) or it is send to all the related employee at once (multiple TO or CC). Everything else is clearly spear fishing and performed by someone who doesn't even know the group addresses or who has no idea which employees belong to the same team.
That was very good insight into how companies and their email systems should operate today. If I ever own a company, I know what to look out for.
@@StarWarsExpert_ It's different for some companies. An erroneously blocked or even just delayed email might cost a bank a huge amount of money. Of course there are compensating measures. Employees with access to potentially dangerous email attachments won't sit in the same network as...the printer which prints out every transaction? Any unexpected TCP/IP, UDP, GRE, ... packet must disconnect the suspected PC from the network, immediately followed by a snatch-&-grab of the hardware (for malware analysis) and the employee.
Still, I remember one case, less than 10 years ago, where a CD was physically mailed to the bank. This one went straight to malware analysis.
Of course, the Bangladesh bank's security system was just the boss checking printouts after the weekend.
This sounds great but are you also working in a bank? Never heard of a company that does this yet in my line of work. In my current job, most of the employees work remotely so the vulnerability increases but we just simply have no access to the payment information of the customers. My company also did not provide any work computer so we are just using our personal one.
@@Bums001 I work for an IT company. We mainly produce and sell software, we also sell some IT services, and we run our own cloud infrastructure.
The only two valuable things you can steal from us are source code and customer account information (names, addresses, phone numbers, what company they work for, etc.). You can't steal customers' private data because data in our cloud, unless it is public, is always end-to-end encrypted (not even we have access to this data, only the customer does), you can't steal passwords (we don't store passwords, we store only salted hashes of passwords, so not even we know our customers' passwords), and you can't steal money (we have no records of bank accounts or credit card numbers because we don't process payments ourselves, we use an external payment processor for that).
So we are not even a valuable target and yet we have all these security measures. It's a shame if a valuable target has fewer security measures than we do. However, hackers cannot know whether we are a valuable target or not, so they try anyway. Our mail concept filters several spear-fishing attempts a day, and our main firewall's intrusion alert goes off several times a week where people are actively trying to break into our cloud systems using known security exploits that our firewall blocks, and that wouldn't have worked anyway because our systems are all patched against them. Without all these security measures, we would probably get hacked several times a year.
You also have to understand that some companies treat computer security like safety. They neglect it until something bad happens.
you don't have to figure out that an international bank uses SWIFT
you can't assume SWIFT is a state of the art system, it's been running for many decades and could be the archetype of 'this old software banks run'
If banks run LinuxSE (secure enhanced Linux) instead of old WinXP or 95 then lots of money would have saved
I was about to say, I don’t know much about SWIFT but I do know that COBOL is still used in a lot of banks and that language is over 60 years old.
@@Iden_in_the_Rain A lot of it is due to the sheer cost of replacing those systems. They're slowly doing it, but it's cost is apparently multiple billioms of dollars to replace these old systems. Financial institutions are heavily interconnected, so changing or updating systems is a long process.
@@smallcube-zn2mm SELinux. And there are many ways to get around it's "protections". (esp. if some moron runs something emailed to them.)
Indeed. Also, they didn't hack SWIFT. They hacked the BANK! using THEIR terminal to make legit SWIFT transactions. Breaking into the SWIFT network is way more involved. (those are very strongly encrypted links, and messages.)
Imagine being so bad at basic parts of hacking you fumble the ball and turn a 1b heist into an 81m dollar heist.
rip
How could they know that the US flag their transactions because an Iranian ship somehow...
@@skipius They were good, but the nuances of the system and the sheer scale of it was too much
This guy thinks 81M gone is just cents.
tbf, the hacker prolly had a conscience, and 81m could set him up for multiple lifetimes alrdy
I love how the extra context makes the $81 million seem like a relief rather, as they could have lost 1200% more
As a digital forensics analyst, this was a very good video providing a solid overview on the capabilities of thoroughly planned cyber attacks.
They apparently had an inside person in the bank.
All comments that start with "As a..." are BS
2:00 so... They allowed emails with arbitrary attachments. Several employees just opened the attachment. "Over the following year the hackers..." hold up. They didn't notice someone was in the network for a YEAR!?
not that easy...the virus is designed to hide itself perfectly, isnt it?
use of old software, infrastructure etc explains
The boss fired all the security experts to save money and make $$$ fast. And the remaining employees were paid so badly, they couldn't even afford clothes!
@@klausstock8020 .... that explains a lot
It's the third world none of this is a surprise anymore
Why are the employees naked while gathered around the printer? Something was very strange about this from the outset.
How else are they supposed to photocopy their butts?
You _know_ that's the first thing techs do when they get a machine working after fighting with it for two days straight.
@@mal2ksc is that a despicable me reference perhaps?
@@OfficialTraxYT Nah, people have been doing that for as long as printers had scanners built-in. Perhaps even before when they weren't built-in
@@AsilarWindsailorive done it before, not too shabby
if THIS is your first video, you know the channel is gonna take off, godspeed Cipher!
Yeah, if you start your channel by copying other channel's content and style, then it's pretty easy
Who did he copy? @@dandeduck
Clicked on video because I thought it was a Fern vid. Stayed for the content
Relying a printer for banking in 2024 is the most ridiculous thing ever. Keep a digital log with cryptographic proof and archive it on hard drives or optical storage.
Regardless, as soon as the printer stopped working they should have stopped all transactions.
it was 2016, though that is no excuse even for 2016.
0:59 it's not surprising things go wrong if your employees are working in DOS naked
Seems that UA-cam finally recommended me another awesome channel. Keep up the good work!
Welcome aboard!
it's plagiarizing other videos unfortunately
@@monochr0mhow? It’s all original
So it actually lost them 81 mil since the other transactions didn't go through.
Correct. Many of the transactions were flagged for human verification - too large, too many, etc. And some were canceled due to simple, stupid "typos". Managing to "only" walks away with 81mil is still impressive.
Well yes and no, the 1 billion was lost, but mostly found and recovered.
yea that's why the title says the country lost 81 million, lol
This video and channel is severely underviewed and underrated, definitely deserves more attention!
Thank you! Hopefully picks up more steam in the next few days :D
@@Cipher-HD The quality is very much Fern or Hoog like, also the thumbnail. U might not copy but is there any conection?
underrated content.editing, and voiceovers. This chanel will blow up in a couple of months
The video is so interesting that the clickbaity title really ruins it.
If I'm not wrong Bloomberg published a fantastic article on this. And there's a bunch of good videos on this, including from Jack Rhysider - my fav darknet/hacker podcast (also on YT).
How tf can it be Thursday in Bangladesh, but Friday in the US? 6:52. Bangladesh is 10 hours AHEAD of New York time.
Woah! this is so underated. only 200 views? this deserves way more attention! i loved this video. keep it up bro
37000, actually
this got me checking the view count and I'm still so shocked it's only at 39k holy moly
only 42k now
822k woohoo
6:01 Can we give these people some pants? Was there no budget left for a loincloth? 🤣
It's clear that in Bangladesh only bank directors afford clothing
Our financial system is a fucking joke. Any 5 year old could point the flaws in this pathetic "system".
A fucking weekend is enough for banks to not be able to communicate? Are you fucking kidding me?
Nobody wants to work on weekends, they want to spend their time on their own or with their family
@@bluebon5228 I mean, when you crash your car at 2am on a sunday firefighters will cut you out and paramedics will save your life.... But when hundreds of millions is on the line- money that could save tens of thousands of lives- "I sleep"
@@Zscach well yeah when you put it that way you are right ,but they should assign few ppl to work on weekends and give them holiday on other day
@bluebon5228 exactly. Weird that certain industries just aren't contactable on a certain day of the week
It's not just our financial system, mate. Everything, especially the politicians, is a fucking joke.
Insane that banks these days still hold to weekends off.
gameover if that was not the case
Love your 3D editing style. U literally made me addicted to it now 😡!
u mean the naked butts?
Damn, this is so high quality content. You earned a sub, mate
Its really funny that banks dont operate during weekends and bank holidays. In an era where everything is 24/7. Imagine airlines operating only 9-17 on weekdays 😀 or hospitals, or taxi drivers, or restaurants and clubs..this is pathetic
I think its a leftover from 80s and 90s systems maybe. Its only a guess, but i think banks still rely on old procedures from these times and didn't upgrade.
@@sjogosPTCute, try going back 15 to 20 more years and you're in the right ballpark.
Hey Cipher, you're doing an amazing job, top tier story telling, keep up the good work, wish you the best !
This channel is going to blow up🎉
🚀
This is the highest quality first UA-cam video I think I’ve ever seen! Phenomenal content
awesome video🥰 "FERN" style is getting famous !!(subscribed)
It feels good to know that people such as fern and cypher are making such beautiful videos
I want to work at a place where HR doesn't care that half the employees are bare assed naked.
This is why basic on-line awareness training is such a big deal. Dropping a few grand on constant reminders to not accept or launch random apps on your workstation is much cheaper than having a compromised network.
So, on a slightly different note, why are all these animated workers sans trousers?
Is it because they had to pay back the billion they lost from their wages, and can no longer afford pants?
Hmmm.
I guess the Boss fired all the expensive cybersecurity specialists and only kept the ones which were paid so badly that they couldn't afford clothes.
But I think this ingenious "make $$$ fast" solution backfired.
As someone who works in security, NEVER click on email links you aren't expecting. Most major compromises are because people click on links they shouldn't. I REPEAT: never click on random links!
As someone who also works in security: clicking on links almost never harms you. Whatever comes next, does.
No hacker is gonna waste their valuable 1click exploit in a stupid fishing email. If you don’t enter your stuff into the page, not much at all can happen.
This channel's content is so high quality.
I'm a first time viewer and I'm only 5 minutes in but I really want to compliment the graphics and even extended 3D animations.
For the production quality, the amount of views is criminal
Amazing explanation ♥️ love this video
6:50 - Slight misconception. Yes the weekend starts on "Thursday night" meaning generally Fridays and Saturdays are off, Sunday is a working day. Basically Bangladesh being an "Islamic country" means that Friday is rest for them. For Jews is Saturday and for Christians it's Sunday. In fact on avarage people in Bangladesh work 2,232 hours per year, the 7th highest in the world. For context people in the US work 1,765 hours per year, being at 39th place.
EDIT: I checked on their official website. Yes, only Fridays and Saturdays are off. Thursdays and Sundays are working days. That graphic is really really misleading.
😞for a minute there I really thought Bangladesh had some sort of deeply rooted culture of work/life balance or something
Impressively well done for a first video.
Are all these channels affiliated? These super polished and well done channels keep popping up with similar animation styles and everything. The intro is a lot like fern too. I mean I'm not complaining I guess, just wondering what the heck is going on lol
I'm not making any claims or anything
But the video takes a similar path as Kento Bento's story and it just feels like they changed a couple of sentences and stuff
Allegedly
@@getawifeThe audio is 100% AI generated as well, uncanny valley good, but definitely AI generated
@@kylebisson1498 what makes you think it's AI?
@@ryanatkinson2978 It's far too convincing to be normal text to speech, which is incapable of making assumptions about broader sentence tone. At the same time, it blurs numerous words together in a fashion that is clearly not a native speaker, but far too smooth to be a non-native speaker. Basically, it mimics the speed variance of natural speech without fully understanding where speech normally speeds up
@@kylebisson1498yeah, I noticed the weird cadence changes and blending of words and just assumed a non-native speaker. You’re probably right that it’s AI.
5:43 its funny cause, Sri Lankan major government websites got hacked by a 17 year old once. I was thinking about that, and suddenly Sri Lanka was mentioned.
So it was NOT the printer but the hackers, it was NOT 1 BILLION but 122 million... hmmm....
Actually 81 million but yeah
It was attributed to North Korean hackers based in China (Lazarus Group).
"This is not an ordinary printer"
*Proceeds to describe an ordinary printer*
Phishing is still so ridiculously easy, it's a disgrace. Even well-trained, educated people just cant get it through their thick skulls that there are more important things in business than pleasing your manager and getting the completely, totallly, utterly insignificant business report done on time. It's no wonder the phishing business is booming.
So insanely good Animation, would love to learn it! Lots of love thank you for this Amazing Documentation!
Excellent editing and storytelling. Way to go!
Means a lot, thank you so much!
Did you animate this entire video?! That's really impressive regardless lol. GJ, Great vid. Sub earned.
When I watched this, I thought this channel had atleast 1M Subs, but only 2K!? your underrated!
Thanks for the support!
You're*
Love it how explained and put everything together!
UA-cam's algorithm is constantly recommending me Hidden Gems, outstanding video! Subscribed and can't wait to see this channel grow!
You are so UNDERRATED, the animation was crazy
Im just not sure why the poeple are bare ass naked in the animation
I am astounded this video only has 1.6k views, this deserve's at least 100k for how quality it is
Thank you so much! That definitely motivates us to keep producing great content.
The way the videos are made reminds me strongly of Hoog and fern. Do you have anything to do with the other two channels? Regardless of that, very good quality, keep it up👍
Ye, I believe fern or Simplicissimus (the German channel of fern) already made a Video about this exact topic.
Fantastic video, underrated channel
Great video! You guys need more views for this kinda content
Thank you so much!
thats an very impressive first video!
im your 12,101st follower :D
Multiple bank employees opened zip files from EMAILS?! 😭😂 Great video so far, 2:24 is pretty
Yeap. Stupid is as stupid does, as they say. Or in the immortal words of Ron White, "you can't fix stupid." (but I can disable their access.)
It is actually quite sad people think opening zip files would be a problem. It is just a file with compressed data. The problem was surely in the operating system and they probably werent using linux. But hey add more workarounds about whatbis dangerous instead of handling the core issue that is windows (which could mostly be replaced by a browser kiosk).
@@slavko321 It had malware, lol.
@@slavko321 It’s just that, you’re not supposed to open any files or really go to any links as one of these employees. Qubes is better 😫😫
@@slavko321 Qubes better anyway
:how many ads do you want in your vid?
:yes
nice video essay dude, keep it up!
Thank you! Lots more coming in the future 😉
DUDE THIS VIDEO IS SO GOOD YOU DESERVE SO MANY MORE SUBSCRIBERS
KEEP!!!
IT!!!
UP!!!
Hey, it's offbrand Fern
Subbed yesterday since I immediately fell in love with the content. There's 22k subs now (2.8.2024) - just making myself a note when you'll hit 500k in a year ❤❤
In other words: The hackers where smart enough to not get cought and the USA inteligence wasn't willing to admit that a civilians could outsmart them, so they blamed North Korea.
Because workers in North Korea have about zero rights. In about every other country, "hackers" enjoy a 9-to-5 job. Yes, the time of an attack can indicate which time zones the "hackers" are in. Only in North Korea, hackers are forced to work overtime, every day. Although many North Korean hackers from outside the country, as the North Korea has only a pool of 1000 IP addresses (some sponsored from China). However, it's still not easy to defect from the North Korean Cyber Army (although a few did). Yup, Cyber Army, not civilians (just like APT28 is just a short name for Russia's General Staff Main Intelligence Directorate 85th Main Special Service Center military unit 26165).
Oh well, and malware analysts will find similarities in the attach and code, which they can connect to previous and future attacks, groups and states. Although the malware was suspected to have originated in Russia, it's similar to other malware used by Lazarus Group. And a North Korean C2C server IP address was identified during the analysis. I do not know what happend to the accomplice (or the accomplices) in the Bangladesh bank, and whether they could provide any information about the attackers.
Note that North Korean groups have large overlaps, and Lazarus Group is the name given for all North Korean state-funded groups. The subgroup behind the Bangladesh is probably APT38. Yes, I consider it plausible, even though *I* cannot prove it..
I love how hackers can make sophisticated software that defeat highly secure systems, but then misspell "foundation"
Great video y'all! Staying tuned for more
Thanks! Only going to keep getting better and better :)
great video!! incredibly underrated, subbed :)
for few seconds I thought it was a fern video
Yes 👍
Printers and security ... In '95 I was briefly working at a company which had no internet connection. The internal network was using arbitrary IP addresses, not RFC 1549 private IPs. Eventually the company got internet which meant we had to renumber the network. Somehow that was mostly working right but printing didn't work for a few clients. Turns out these machines somehow had not picked up the IP address change of the printer and were still printing to the old IP address. Here's were Murphy enters the stage. The IP address happened to be an actual printer somewhere in Sweden and it happily accepted print jobs from Germany.
🤣
clickbait. they ALMOST lost a billion
No, they did lose the money but the majority was recovered. That money was tied up in a transfer and could not be sent to their legitimate customers until it was released.
@@Angel9932right but still a net loss much less than $1B
Yup. "How A Printer Didn't Lose A Country $1,000,000,000." Good story & good video, there's no need for the misleading title.
The title is no longer clickbait
maybe watch the entire video before commenting 💀
Great work. I like visualistation and story tell :)
Not a great fan of the clickbait title. Great video, but that kind of ruines it.
Lemmino style videos are a blessing!
How a printer lost a country $81,000,000 ...I still woulda clicked, so why the lies?
Great work…more content please 🙏
This video is insane! Next level editing
Thank you so much!
the algorithm is liking this video, keep them coming
That's truly an underrated channel right here!
Use me as a "Under 5K GANG" Button
This is the most smartest heist I've ever seen🔥
If Cipher continues making videos on this same level of production, storytelling, and precision, mark my words they will become one of the biggest documentary channels on the platform. Up most respect to the team 🤍
Beautiful presentation ❤️ keep it up
your animation skills are comparable and on par with other massive creators like fern or neo. Keep up the good work!
Wow, thanks for the kind words.
Bro the production of this video is absolute insane! Hi from br :) 🇧🇷
i cant belive you have so little subs, its a GREAT content
Keep up the good work. A million subscribers loading...
The hacker: how ba-a-a-a-d can i be? 🎵🎵🎶🎶
In the aftermath, RCBC got slapped with the biggest fine ever levied by the Bangko Sentral (Philippines' Central Bank) and their CEO was forced to resign because of this booboo. KYC / AML controls also got significantly tighter system-wide after this fiasco - not that there aren't significant loopholes still in place in the financial system, but I can say it got significantly smaller.
Bro I fucking love this animation style.
Received a huge "lump of sum" now that's suspicious!