Other

Bangladesh Bank SWIFT Heist: $81 Million Stolen via Fraudulent SWIFT Messages

📅 2016-02-04 🏢 Bangladesh Bank SWIFT terminal / SWIFT Alliance Access software 🦠 EVTDIAG, MSOUTC (Lazarus custom malware)

Incident Details

In February 2016, North Korea's Lazarus Group compromised Bangladesh Bank's SWIFT messaging system and attempted to move $951 million out of the bank's account at the Federal Reserve Bank of New York, in what remains one of the largest bank heists on record. The intrusion predated the heist by months: Lazarus had gained a foothold on the bank's network by luring employees into running malware delivered by phishing email, and by early February 2016 it controlled the SWIFT terminals used to send international payment instructions.

On 4-5 February 2016 (a Thursday and Friday; Bangladesh's weekend is Friday-Saturday, so the bank was closed) the attackers issued 35 fraudulent SWIFT payment instructions to the New York Fed, totalling $951 million and directing funds to accounts in Sri Lanka and the Philippines. Five instructions, worth $101 million, were executed before the remaining 30 were held for review. The $20 million sent to Sri Lanka was recovered: a typo in the beneficiary name ('fandation' instead of 'foundation') led Deutsche Bank, a routing bank on that transfer, to query it. The $81 million sent to the Philippines was withdrawn and laundered through Philippine casinos before it could be traced; only a fraction was later recovered.

SWIFT maintained that it was not responsible for customers' local security, but it subsequently launched its Customer Security Programme across its roughly 11,000 member institutions. The heist prompted major SWIFT reforms and demonstrated the catastrophic risk of a compromised SWIFT terminal; Lazarus Group went on to use similar techniques against other banks.

Technical Details

Initial Attack Vector
North Korea's Lazarus Group gained access to Bangladesh Bank's SWIFT messaging terminals by compromising bank workstations with malware delivered in a malicious PDF. On the SWIFT terminal the attackers installed custom malware that patched a validity check in the SWIFT Alliance Access database library (a two-byte change to liboradb.dll), submitted forged outgoing payment messages, deleted the corresponding transaction records from the local database and suppressed or altered the printed confirmations. The practical consequence is that nothing recorded on the terminal itself could be trusted; the fraud only became visible through the correspondent bank's own statements and queries.
Vendor / Product
Bangladesh Bank SWIFT terminal / SWIFT Alliance Access software
Malware Family
EVTDIAG, MSOUTC (Lazarus custom malware)
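The defensive lesson of the malware's record deletion and confirmation tampering is that reconciliation must not depend on the SWIFT terminal's own records. The following Python is an added example, not code from Bangladesh Bank, SWIFT or the page's source: it keeps an independent log of what operators authorised, parses a correspondent's account statement received through a separate channel, and alarms on any debit the independent log cannot explain. The authorisation log format, the statement sample and the MT950 field parsing are constructed and simplified for illustration (real MT950 statement lines have more optional subfields than handled here).

```python
import re
from dataclasses import dataclass
from decimal import Decimal


@dataclass(frozen=True)
class Debit:
    ref: str          # transaction reference (MT103 field :20:)
    amount: Decimal
    currency: str
    beneficiary: str


# Constructed sample of the bank's own authorisation log. It is written by the
# payment-approval workflow, outside the SWIFT terminal, so terminal malware
# that deletes Alliance Access records cannot touch it.
AUTHORISED_LOG = """\
ref=TRF20160204001 ccy=USD amt=250000.00 bene=SUPPLIER LTD
ref=TRF20160204002 ccy=USD amt=75000.00 bene=ACME CORP
"""

# Constructed, simplified MT950 statement as a correspondent would send it:
# :25: account id, :61: statement line (value date, D/C mark, amount with comma
# decimal, transaction type, reference), :86: narrative for the preceding :61:.
STATEMENT_MT950 = """\
:20:STMT20160205
:25:NYFED/USD
:61:160204D250000,00NTRFTRF20160204001
:86:SUPPLIER LTD
:61:160204D75000,00NTRFTRF20160204002
:86:ACME CORP
:61:160204D20000000,00NTRFTRF20160204009
:86:SHALIKA FANDATION
:61:160204D81000000,00NTRFTRF20160204010
:86:RCBC JUPITER ST
"""

_AUTH_RE = re.compile(r"ref=(\S+) ccy=(\S+) amt=(\S+) bene=(.+)$")
_STMT_RE = re.compile(r"^:61:(\d{6})(\d{4})?([DC])([\d,]+)N([A-Z0-9]{3})(\S+)$")


def parse_authorised(text):
    """Parse the independent authorisation log into Debit records."""
    out = []
    for line in text.splitlines():
        m = _AUTH_RE.match(line.strip())
        if m:
            ref, ccy, amt, bene = m.groups()
            out.append(Debit(ref, Decimal(amt), ccy, bene.strip()))
    return out


def parse_mt950_debits(text):
    """Extract debit entries, pairing each :61: line with the :86: narrative that follows it."""
    currency = "XXX"
    debits = []
    pending = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(":25:"):
            currency = line[-3:]            # simplified: account id ends with the currency code
        elif line.startswith(":61:"):
            m = _STMT_RE.match(line)
            if m and m.group(3) == "D":     # only debits matter for outbound-payment checks
                pending = (m.group(6), Decimal(m.group(4).replace(",", ".")))
            else:
                pending = None
        elif line.startswith(":86:") and pending:
            ref, amt = pending
            debits.append(Debit(ref, amt, currency, line[4:].strip()))
            pending = None
    return debits


def reconcile(authorised, statement_debits):
    """Return statement debits that no independently authorised instruction explains.

    A debit is explained only if reference, amount and currency all match an
    authorised record; a mismatch on any of them counts as unexplained, since a
    tampered terminal can reuse a genuine reference with a different amount.
    """
    by_ref = {a.ref: a for a in authorised}
    unexplained = []
    for d in statement_debits:
        a = by_ref.get(d.ref)
        if a is None or a.amount != d.amount or a.currency != d.currency:
            unexplained.append(d)
    return unexplained


def run_example():
    """Run the check over the constructed samples and return the unexplained debits."""
    unexplained = reconcile(parse_authorised(AUTHORISED_LOG), parse_mt950_debits(STATEMENT_MT950))
    for d in unexplained:
        print(f"ALERT unexplained debit {d.ref} {d.currency} {d.amount} to {d.beneficiary!r}")
    return unexplained


if __name__ == "__main__":
    run_example()
```

On the constructed statement the two genuine payments reconcile and the two debits that never appeared in the independent log are raised as alerts. The check is only as strong as the independence of its inputs: the authorisation log must be written by a system the terminal cannot reach, and the statement must arrive through a channel (or be retrieved from the correspondent) that the compromised terminal does not mediate.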

Timeline

  1. 2016-02-04 Breach occurred
  2. 2016-03-08 Publicly disclosed