The Criminal Investigation Department has received an intelligence report from the United States that found that Park Jin Hyok, a member of North Korean state-sponsored cyber group named Lazarus Group, was behind the 2016 cyber heist from the Bangladesh Bank’s foreign reserves.

Officials involved in the investigation said that following a Bangladesh  request, they had received the mutual legal assistance requests in late December 2025 from a US intelligence agency that also detected citizens of six countries, 35-40 from the Philippines, and others from North Korea, China, Japan, Sri Lanka and India were involved along with Bangladesh Central Bank officials.

Lazerous Group heisted $101 million in an attempt over $900 million from the Bangladesh money deposited in the Federal Reserve Bank of the US.

Officials said that the hacker group hacked some companies and organisations in different countries while it was their first success in hacking any country’s central bank.

They also said that the hacker group had sent some fictitious emails to the Bangladesh Bank and some employees also responded to these, which also made it easy to hack.

The US report found that several Bangladesh Bank officials from various departments, including information technology department, accounts and budgeting department and payment system department, were detected in the reserve heist involvement.

In the recent MLAR report by an US intelligence agency, they found $81 million was shifted to the Rizal Commercial Banking Corporation in the Philippines and then shifted to various fictitious accounts, and later used in the casinos namely Filrem, Eastern Hawai, Midas and Solaire.

CID special superintendent for media Jasim Uddin Khan told New Age on Wednesday that the US intelligence found out the layering of the reserve heist.

‘Most of the people involved in the Bangladesh reserve heist are from the Philippines. The other involved are from countries, including North Korea, China, Japan, Sri Lanka and India,’ the official said.

Referring to their forensic report, CID officials said that collaboration between local real-time gross settlement system and the international SWIFT messaging system made it easier for hackers to access the necessary systems for the heist.

Investigators also said that some evidences were destroyed as the case was filed 39 days after the incident by BB deputy director Zubair Bin Huda with the Motijheel police station against unidentified people.

The case was filed on March 15, 2016 and the incident took place between February 4 and February 5.

Apart from the MLAR, he said that they had also received letters of request from different countries, which involves proceeding from a country’s court to another country’s court.

CID officials said that they had interrogated 30-35 Bangladesh Bank officials and 8-15 of them found preliminary involved.

Investigators said that the name of former BB governor Atiur Rahman also came on the lists and the scrutinising of the names by them was now at the final stage.

CID chief Sibgat Ullah, also an additional inspector general of police, said that they had received MLAR reports from different countries and the investigation was now at the final stage.

Asked why the probe report submission date was deferred for 93 times, he said, ‘The case investigation required cross border information and many foreign countries nationals were involved. So, it required time to complete the probe as it is a state-level matter.’

He, however, declined to reveal anything more ‘for the sake of investigation’.

CID officials mentioned that Bangladesh recovered $34.66 million, including $20 million from Sri Lanka and $14.66 million from the Philippines.

They said that the Philippines authorities were asking Bangladesh to adjust some compensation, saying that some Bangladesh Bank officials were involved in the reserve heist.

Earlier in March, 2025, the interim government formed a six-member high-level committee, led by law adviser Asif Nazrul, to review the 2016 Bangladesh Bank reserve heist.

In 2019, Bangladesh also filed a lawsuit in a US federal court against Philippine bank RCBC, several casinos, 17 individuals and institutions, and three Chinese nationals, accusing them of planning and carrying out the theft.

Asked about the case filed in the US, they said that the case was still running.