Investigators suspect that malicious software code allowing hackers to withdraw the money could have been installed several weeks before the incident. Malware gave hackers an inside look at the bank’s systems.
The hackers appeared to have stolen Bangladesh Bank’s credentials for the SWIFT messaging system, which banks around the world use for secure financial communication.
Investigators believe the attack was sophisticated, describing the use of a “zero day” and referring to an “advanced persistent threat.”