Other
Banco de Chile SWIFT Heist + Wiper Distraction ($10M, Lazarus)
Primary Source
Incident Details
On May 24, 2018, Banco de Chile, Chile's largest bank, suffered a coordinated attack that combined a destructive cyber operation with financial fraud. The attackers deployed custom MBR-wiping malware that corrupted the master boot records of approximately 9,000 workstations and 500 servers across the bank's network, leaving them unbootable and triggering a bank-wide IT emergency.

While the bank's security and IT teams were consumed with what looked like a purely destructive attack, the attackers submitted fraudulent SWIFT transfer messages instructing payments totaling about $10 million to accounts in Hong Kong. Using a destructive attack as cover for fraud proved effective: staff managing thousands of wiped machines had no capacity left to scrutinize outbound SWIFT traffic. Banco de Chile recovered approximately $8 million; roughly $2 million was ultimately lost.

The attack was attributed to the Lazarus Group (DPRK) by the Chilean banking regulator SBIF, Europol, and several security researchers, based on tool and TTP overlap with earlier North Korean operations; the wiper shared characteristics with previously documented Lazarus tools. This 'distraction plus heist' pattern marked an evolution from pure SWIFT fraud and was later observed in other attacks attributed to North Korean actors.
Technical Details
- Initial Attack Vector
- Lazarus Group-affiliated attackers gained access to Banco de Chile's internal network and deployed custom MBR (Master Boot Record) wiping malware across ~9,000 workstations and ~500 servers as a distraction; while IT teams responded to the destructive attack, the attackers submitted fraudulent SWIFT transfer instructions
- Vendor / Product
- SWIFT financial messaging; bank endpoint workstations
- Malware Family
- KillMBR wiper (custom variant); SWIFT transaction injector
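The operational lesson of this incident is that outbound payment screening has to keep running while the rest of IT is fighting a wiper. The following is an added example, not code from the original page, from Banco de Chile, or from SWIFT: a minimal out-of-pattern check over constructed outbound transfer records that holds instructions to a never-seen beneficiary when they are high-value, when they are submitted inside a declared incident window, or when several such instructions add up to a burst toward one new country. Account identifiers, timestamps, the incident window and all thresholds are assumptions chosen for illustration.

```python
"""Hold-for-review check on outbound payment instructions.

Added example, not the bank's or SWIFT's code. All records, thresholds and
the incident window below are constructed for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class Transfer:
    ref: str                  # internal reference (constructed)
    submitted: datetime       # when the instruction was entered
    amount_usd: float
    beneficiary_account: str  # constructed, not a real account
    beneficiary_country: str  # ISO 3166-1 alpha-2


# Constructed baseline: beneficiaries seen in routine traffic before the incident.
KNOWN_BENEFICIARIES = {
    ("ES1234", "ES"),
    ("US5678", "US"),
}

# Hypothetical window during which the bank declared the wiper incident.
INCIDENT_WINDOW = (datetime(2018, 5, 24, 8, 0), datetime(2018, 5, 25, 0, 0))

HIGH_VALUE_USD = 1_000_000     # per-instruction review threshold (assumed)
COUNTRY_BURST_USD = 5_000_000  # aggregate to one new country in the window (assumed)


def transfer_flags(t, known=KNOWN_BENEFICIARIES, window=INCIDENT_WINDOW,
                   high_value=HIGH_VALUE_USD):
    """Return the list of risk flags raised by a single instruction."""
    flags = []
    if (t.beneficiary_account, t.beneficiary_country) not in known:
        flags.append("new-beneficiary")
    if t.amount_usd >= high_value:
        flags.append("high-value")
    if window[0] <= t.submitted <= window[1]:
        flags.append("during-incident")
    return flags


def hold_for_review(transfers, known=KNOWN_BENEFICIARIES, window=INCIDENT_WINDOW,
                    high_value=HIGH_VALUE_USD, burst=COUNTRY_BURST_USD):
    """Return {ref: flags} for instructions that must wait for a second approver.

    Rule 1: a new beneficiary that is high-value or submitted during the
            incident is held on its own.
    Rule 2: new-beneficiary instructions submitted during the incident are
            summed per destination country; if the total reaches `burst`,
            every contributing instruction is held with "country-burst".
    """
    held = {}
    burst_groups = defaultdict(list)  # country -> contributing transfers
    for t in transfers:
        flags = transfer_flags(t, known, window, high_value)
        if "new-beneficiary" in flags and ("high-value" in flags or "during-incident" in flags):
            held[t.ref] = flags
        if "new-beneficiary" in flags and "during-incident" in flags:
            burst_groups[t.beneficiary_country].append(t)
    for group in burst_groups.values():
        if sum(t.amount_usd for t in group) >= burst:
            for t in group:
                held.setdefault(t.ref, []).append("country-burst")
    return held


# Constructed sample: one routine transfer before the incident, four large
# instructions to previously unseen Hong Kong accounts while the wiper is
# being handled, one routine transfer to a known beneficiary, and one small
# instruction to a new beneficiary during the window.
SAMPLE = [
    Transfer("TX-001", datetime(2018, 5, 23, 15, 30), 120_000.0, "ES1234", "ES"),
    Transfer("TX-002", datetime(2018, 5, 24, 10, 5), 2_500_000.0, "HK0001", "HK"),
    Transfer("TX-003", datetime(2018, 5, 24, 10, 12), 2_500_000.0, "HK0002", "HK"),
    Transfer("TX-004", datetime(2018, 5, 24, 10, 20), 2_500_000.0, "HK0003", "HK"),
    Transfer("TX-005", datetime(2018, 5, 24, 10, 31), 2_500_000.0, "HK0004", "HK"),
    Transfer("TX-006", datetime(2018, 5, 24, 11, 0), 50_000.0, "US5678", "US"),
    Transfer("TX-007", datetime(2018, 5, 24, 11, 30), 400_000.0, "SG9999", "SG"),
]

if __name__ == "__main__":
    for ref, flags in sorted(hold_for_review(SAMPLE).items()):
        print(f"{ref}: hold ({', '.join(flags)})")
```

The point of the incident-window flag is that the hold rule tightens automatically the moment an incident is declared, without anyone on the fraud desk having to remember to do it while the rest of the bank is rebuilding workstations. The per-country burst rule catches the case the per-instruction threshold misses, where a large total is split into individually unremarkable messages.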
Timeline
- 2018-05-24 Breach occurred
- 2018-05-28 Publicly disclosed