THE BILLION-DOLLAR TYPO
When the world went digital, a whole new generation of pirates was spawned.
No sword or steel was required to plunder these brave new seas; instead, ambitious criminals and other nefarious sorts were armed with a new and frightful weapon: code.
It didn’t take long for world governments to notice the damage these hackers could do.
Some even chose to harness that power for themselves, raising up digital legions to be unleashed on their enemies—not just for the boon of profit, but also to bring glory to their nations by way of subverting their enemies.
For North Korea, this came in the form of the Lazarus Group, a state-sponsored collective of hackers and computer scientists operating under the Reconnaissance General Bureau (RGB).
Highly organized, completely loyal to the state, and shrouded in secrecy, this group organized a heist straight out of a novel—one that would demonstrate their absolute mastery over the digital landscape.
In the early months of 2016, the group set its sights on the ultimate prize: the Federal Reserve Bank of New York.
The attack started with something pedestrian: a simple email. The message, sent from a hopeful applicant, was opened by a mid-level employee at Bangladesh Bank in Dhaka.
Once the viral attachment was opened, the software burrowed deep into the bank's mainframe, known in the hacking community as a "phishing scam."
Lazarus didn't strike immediately. They bided their time, using the malware to observe the bank's daily routines and map its vulnerabilities.
They identified the ultimate prize: the SWIFT terminal—the encrypted gateway used to authorize multi-million dollar transfers. This was the terminal that issued financial transfer requests to the Federal Reserve Bank.
To control this terminal was to command the flow of wealth itself.
There was one physical hurdle: a physical printer located in Bangladesh Bank. In the "SWIFT Room," a printer was hard-wired to provide a paper trail of every major transaction.
If an employee saw an unauthorized request, the ruse would be up.
To neutralize this sentinel, the hackers injected a second virus specifically to silence the printer, ensuring no physical evidence would alert the staff.
The timing was calculated with military precision. They chose a long weekend to exploit the global "intelligence gap." On February 4, 2016, as the employees in Dhaka were beginning their weekend, Lazarus took control of the SWIFT terminal.
They issued 35 separate requests totaling nearly $951 million, destined for RCBC in the Philippines.
The first $81 million cleared instantly. The hackers watched the numbers climb as a simple email breach broke the bow of a national bank. Then, the thirty-sixth request hit the routing filters.
This transfer was requesting on the behalf of the "Shalika Foundation," but was spelled incorrectly as the: "Shalika Fanndation."
As these requests often passed through "middle-men" banks on their routes to Asia, a routing clerk working at
The employee first contacted the Pan Asian bank in Sri Lanka, who looked at the request and agreed it was quite odd, and then relayed that information to the bank in Bangladesh, asking if they were absolutely sure they wanted to send 20 million dollars to this "fanndation".
By this time, it was Monday and bank employees were returning to work in Bangladesh Bank, and were shocked to see these massive requests, made in their names.
The Fed was contacted immediately and all pending transactions, and the billion dollar dream of the Lazarus group were quelled.It would seem that while the North Korean group had bided their time, so too had irony.
It was a simple email that created a massive breach in the impenetrable hull of the international banking system, and a simple spelling mistake that sealed that doorway shut.
The event proved to the world that a keystroke could disrupt entire empires. And the message was well-received.
The fallout was cataclysmic. The $81 million that did clear was moved via armored cars into the neon-lit chaos of the Solaire Resort and Casino. On the baccarat tables, the stolen wealth was converted into chips and "washed" clean.
Back in New York, the Fed pointed fingers at SWIFT, while SWIFT pointed back at the local banks.
The event triggered sweeping reforms; "Multiple Authenticity" checks became the new global standard, and the Federal Reserve began requiring secondary human authorization—often by phone—for unusual high-dollar transfers.
In the Philippines, branch manager Maia Deguito was eventually convicted of money laundering. In Bangladesh, Governor Atiur Rahman resigned under intense pressure.
Years later, in 2018, the U.S. Department of Justice filed criminal charges against Park Jin Hyok, officially linking the North Korean state to the robbery.
The Billion-Dollar Typo remains one of the most costly mistakes in criminal history.
It moved the Lazarus Group out of the shadows and into a glaring global spotlight, further alienating North Korea and elevating them to the status of a digital pariah. What little trust the world had in the regime was eroded by a single, misplaced letter "n."
