Sri Lanka hit by massive cyber fraud totaling 23.53 crores, ministry payment diverted

Post Views: 1

Sri Lankan Finance Ministry Hit by Sophisticated Phishing-Linked Cyber Fraud

A recent cybercrime incident has exposed significant vulnerabilities in the Sri Lankan financial sector, compromising the country’s Department of External Resources at the Ministry of Finance. Estimated financial losses amount to approximately $2.5 million, with the hackers exploiting a phishing campaign to manipulate a payment process and divert funds to an unauthorized account.

According to initial investigations, the attackers employed a combination of phishing emails and domain spoofing to create fake digital identities and intercept official communication channels. This allowed them to alter payment instructions intended for an Australian creditor, redirecting the funds instead to an unauthorized bank account.

Experts believe the operation may have been orchestrated by a coordinated cybercrime network, leveraging sophisticated digital deception techniques to evade detection. The attackers created fake IDs and spoofed domains to bypass security measures and manipulate the payment process, highlighting the need for robust monitoring systems and real-time verification frameworks.

The Investigation Unfolds

The Sri Lanka Computer Emergency Readiness Team (CERT) is assisting in the investigation, analyzing logs, IP addresses, server activity, and data traffic patterns to reconstruct the attack chain.
Preliminary assessments suggest that critical multi-layer verification protocols in the payment approval system may not have been fully enforced, allowing the fraudulent transaction to proceed unchecked.
This has sparked concerns over delays in submitting the investigation report to the court, with a legal advocacy group demanding greater transparency and accountability from the authorities.

Cybersecurity experts warn that this incident may be part of a larger international cybercrime operation targeting financial institutions and government departments. Advanced phishing campaigns designed to divert high-value fund transfers continue to evolve, exploiting weak monitoring systems, delayed security updates, and gaps in real-time verification frameworks.

What’s Next?

Authorities are working to map the complete network behind the fraud and identify how unauthorized access was gained to official communication channels.
Potential arrests and further details are expected as the inquiry progresses.