Bangladesh's finance minister has said he wants to "wipe out" the Philippines bank linked to a cyberattack that left the country's central bank $81 million out of pocket.
As reported by the Dharka Tribune, the Bangladesh government is considering lodging a court case against Rizal Bank, which was used to funnel the proceeds stolen from the Bangladeshi Federal Reserve Bank of New York bank account by attackers.
Speaking at the annual meeting of the Zoological Society of Bangladesh, on Saturday, finance minister Abul Maal A. Muhith said "We will discuss the case with Bangladesh Bank. We want to wipe out Rizal Bank from earth."
According to Reuters, the minister also claimed that Rizal Bank has been "playing delinquent."
"We previously discussed the matter of recovering the money with the Philippine government multiple times," Muhith added. "We were assured that the money will be returned but they are lingering on it. That is why we are thinking about lodging a case."
In February last year, a threat group used stolen SWIFT credentials to make over three dozen large and rapid money requests from the bank account to entities in the Philippines. While the group attempted to steal over $850 million, they managed to make off with $81 million before a small typographical error in a transfer request alerted staff that something was wrong.
The transfers were stopped, but the damage was done. Almost two years later, only approximately $15 million has been recovered.
Security experts have linked the heist to Lazarus, a threat group linked to attacks on entities including manufacturing companies, media, and financial institutions in at least 15 countries worldwide.
Unless the situation is resolved, the Bangladesh bank may file the case against Rizal Commercial Banking Corp (RCBC) to retrieve the rest of the stolen proceeds. RCBC was fined roughly $20 million in 2016 for failing to prevent the flow of fraudulent cash being sent to the Philippines.
The cyberattackers behind the scheme have not been identified. However, RCBC has filed money laundering charges against a former RCBC bank manager and four individuals who owned the bank accounts the money was sent to.
RCBC has so far refused Bangladesh's requests for compensation.
ZDNet has reached out to RCBC and will update if we hear back.
Previous and related coverage
SWIFT says it plans to launch a new security program as it fights to rebuild its reputation in the wake of the $81 million Bangladesh Bank cyber heist.
A typo prevented an extra $20 million being stolen, but a malware infection allowed the funds to be taken in the first place.
If you use second-hand switches and fail to implement a firewall, you're asking for trouble.