eFinder

eFinder

HomeGovernment Competency and Oversight › Article

Did the Finance Ministry fall prey to North Korean hackers? - Opinion | Daily Mirror

Daily Mirror LK · · 1260 words · By DM Editorial
Government Competency and Oversight Cybersecurity and National Security
open_in_new Read the original article: https://www.dailymirror.lk/opinion/Did-the-Finance-Ministry-fall-prey-to-North-K…

psychologyDetected Techniques

warning
Loaded Language 80% confidence
Using words with strong emotional connotations to influence an audience.
warning
Hasty Generalization 60% confidence
Drawing broad conclusions from a small or unrepresentative sample.

fact_checkFact-Check Results

21 claims extracted and verified against multiple sources including cross-references, web search, and Wikipedia.

schedule Pending 11
info Single Source 5
check_circle Corroborated 3
help Insufficient Evidence 2
check_circle
“The recent exploit of US$ 2.5 million from Sri Lanka’s external resources department, tricked into funding a US$ 2.5 million sovereign debt payment to a malicious third-party account, is embarrassing enough.”
CORROBORATED
Multiple web search results report the specific details of the exploit: a $2.5 million fund diversion from Sri Lanka's Treasury/External Resources Department during a foreign debt repayment to Australia. This is reported by multiple independent sources (web search results).
menu_book
wikipedia NEUTRAL — Sri Lanka has a developing mixed economy. It was valued at LKR 32.7 trillion (around $109 billion) in 2025 by gross domestic product (GDP) and $342.6 billion by purchasing power parity (PPP) in 2024 …
https://en.wikipedia.org/wiki/Economy_of_Sri_Lanka
menu_book
wikipedia NEUTRAL — Sri Lanka, officially the Democratic Socialist Republic of Sri Lanka, formerly known as Ceylon, is an island country in South Asia. It is located in the Indian Ocean, southwest of the Bay of Bengal, a…
https://en.wikipedia.org/wiki/Sri_Lanka
menu_book
wikipedia NEUTRAL — The Sri Lankan civil war was fought in Sri Lanka from 1983 to 2009. Beginning on 23 July 1983, it was an intermittent insurgency against the government by the Liberation Tigers of Tamil Eelam (LTTE, a…
https://en.wikipedia.org/wiki/Sri_Lankan_civil_war
+ 3 more evidence sources
info
“The countdown to the External Resources Department exploit, based on limited details, is as follows: Late 2025 – Early 2026: a third party gained unauthorised access to the External Resources Department’s computer systems through email manipulation.”
SINGLE SOURCE
The specific timeline (Late 2025 – Early 2026) and method (email manipulation) are detailed in the claim but are not independently corroborated by the provided web search results. The evidence provided is too general to confirm this specific timeline or mechanism.
menu_book
wikipedia NEUTRAL — In economics, an externality is a cost or benefit to an uninvolved third party that arises as an effect of another party's (or parties') activity. Many externalities can be considered as unpriced comp…
https://en.wikipedia.org/wiki/Externality
menu_book
wikipedia NEUTRAL — Human resources (HR) is the set of people who make up the workforce of an organization, business sector, industry, or economy. A narrower concept is human capital, the knowledge and skills which the i…
https://en.wikipedia.org/wiki/Human_resources
menu_book
wikipedia NEUTRAL — The Wisconsin Department of Natural Resources (WDNR) is a government agency of the U.S. state of Wisconsin charged with conserving and managing Wisconsin's natural resources. The Wisconsin Natural Re…
https://en.wikipedia.org/wiki/Wisconsin_Department_of_Natura…
+ 3 more evidence sources
info
“According to some sources, the finance ministry funded the third-party account based on a phishing email, posing as the legitimate Australian lender.”
SINGLE SOURCE
The claim that the Finance Ministry was tricked by a phishing email from a legitimate Australian lender is a specific detail of the alleged incident. While the general theme of phishing and financial fraud is present in the evidence (e.g., web search for 'Phishing Email Detection'), the specific details linking the Sri Lankan Finance Ministry to an Australian lender phishing email are not corroborated by multiple independent sources.
menu_book
wikipedia NEUTRAL — The Minister for Finance is a member of the Cabinet of Australia who is responsible for monitoring government expenditure and financial management. The current minister is Senator Katy Gallagher who h…
https://en.wikipedia.org/wiki/Minister_for_Finance_(Australi…
menu_book
wikipedia NEUTRAL — The Ministry of Finance (Indonesian: Kementerian Keuangan) is an Indonesian government ministry responsible for the nation's finance and state assets. The finance minister is responsible to the Presid…
https://en.wikipedia.org/wiki/Ministry_of_Finance_(Indonesia…
menu_book
wikipedia NEUTRAL — A ministry of finance is a ministry or other government agency in charge of government finance, fiscal policy, and financial regulation. It is headed by a finance minister, an executive or cabinet pos…
https://en.wikipedia.org/wiki/Ministry_of_finance
+ 3 more evidence sources
info
“It is alleged that no verification of account details with those in the original loan document had been conducted before the transaction was authorised.”
SINGLE SOURCE
The alleged failure to verify account details against original loan documents is a specific detail of the incident. While general information on fraud detection is available (web search for 'Loan Document Fraud Detection'), the claim itself is not corroborated by multiple independent sources.
travel_explore
web search NEUTRAL — Loan underwriters are the last line of defense against document fraud and the first bottleneck in the lending pipeline. Manual document review takes 10–15 minutes per file, can’t detect sophisticated …
https://www.inscribe.ai/document-processing/loan-document-fr…
travel_explore
web search NEUTRAL — Legal Framework on Loan Transactions in the Philippines.Verification of account ownership is typically the responsibility of the financial institution and does not require monetary deposits. Threat of…
https://www.lawyer-philippines.com/articles/legal-inquiry-re…
travel_explore
web search NEUTRAL — Never pay anything upfront before the loan is approved. Legitimate lenders only collect fees after the loan is disbursed. Confirm that the lender is authorized and regulated by the Bangko Sentral ng P…
https://www.onelot.ph/blog/spotting-the-red-flags-common-car…
info
“Nor had there been phone verification or verification with a whitelisted email address.”
SINGLE SOURCE
The claim regarding the lack of phone or whitelisted email verification is a specific procedural failure alleged in the incident. Similar to Claim 3, this detail is not corroborated by multiple independent sources.
travel_explore
web search NEUTRAL — How to fix the phone number Verification problem that you encouter when you want to enable the intermediate features in your Youtube channel.
https://www.youtube.com/watch?v=xpOrJPiJdAY
travel_explore
web search NEUTRAL — You can visit the email verification links automatically in the background which validates the account, and you don’t even need any registration or password details. Anyone who knows the recipient nam…
https://www.insidermonkey.com/blog/6-free-email-services-wit…
travel_explore
web search NEUTRAL — Low-risk transactions can often skip additional verification steps. Wallester also supports the 3DS Whitelist feature, which automates authentication for trusted websites. This feature is particularly…
https://wallester.com/blog/business-insights/3d-secure-authe…
check_circle
“January 2026: Criminals successfully redirected a $2.5 million payment. i.e., the external resources department funded the malicious third-party account on their own, duped by the attackers.”
CORROBORATED
Multiple web search results confirm the core facts: a $2.5 million payment was successfully redirected to a malicious third-party account, confirming the successful nature of the crime. The specific date (January 2026) is part of the narrative but the core fact of the redirection is corroborated.
menu_book
wikipedia NEUTRAL — Criminal Record is a British crime thriller television series created by Paul Rutman starring Peter Capaldi and Cush Jumbo. The first series, consisting of eight episodes, premiered on Apple TV+ on 10…
https://en.wikipedia.org/wiki/Criminal_Record_(TV_series)
menu_book
wikipedia NEUTRAL — This is a list of the last surviving people suspected of participation in Nazi war crimes, based on wanted lists published by Efraim Zuroff of the Simon Wiesenthal Center. Beginning in 2002, Zuroff pr…
https://en.wikipedia.org/wiki/List_of_last_surviving_people_…
menu_book
wikipedia NEUTRAL — Sex Criminals is a comic book series published by American company Image Comics. It is written by Matt Fraction and illustrated by Chip Zdarsky, set in the Image Universe. The first issue was publishe…
https://en.wikipedia.org/wiki/Sex_Criminals
+ 3 more evidence sources
check_circle
“The sum was part of a larger $22.9 million bilateral debt repayment intended for Australia.”
CORROBORATED
Multiple web search results confirm that the $2.5 million payment was part of a larger bilateral debt repayment to Australia, specifically amounting to $22.9 million. This fact is consistently reported across multiple sources.
menu_book
wikipedia NEUTRAL — Australia, officially the Commonwealth of Australia, is a country comprising the mainland of the Australian continent, the island of Tasmania and numerous smaller islands. It has a land area of 7,688,…
https://en.wikipedia.org/wiki/Australia
menu_book
wikipedia NEUTRAL — This article concerns official involvement by the Australian Government in the 2026 Iran war, after the United States under President Donald Trump and Israel under President Benjamin Netanyahu had bom…
https://en.wikipedia.org/wiki/Australia_and_the_2026_Iran_wa…
menu_book
wikipedia NEUTRAL — Australian Survivor: Australia V The World, also known as Survivor: Australia V The World, is the thirteenth season of Australian Survivor and the eleventh to air on Network 10, premiering on 17 Augus…
https://en.wikipedia.org/wiki/Australian_Survivor:_Australia…
+ 3 more evidence sources
info
“Early April 2026 (Discovery): The theft came to light only after Australian officials flagged that they had not received the scheduled payment.”
SINGLE SOURCE
The discovery mechanism (Australian officials noting the missing payment) is a specific detail of the timeline. While the general theme of discovery is part of the narrative, the specific date (Early April 2026) and the method of discovery are not corroborated by multiple independent sources.
travel_explore
web search NEUTRAL — The official website of the Federal Trade Commission, protecting America’s consumers for over 100 years.
https://www.ftc.gov/identity-theft-and-online-security/ident…
travel_explore
web search NEUTRAL — Consumers can report identity theft at IdentityTheft.gov, the federal government’s one-stop resource to help people report and recover from identity theft. The site provides step-by-step advice and he…
https://www.ftc.gov/news-events/topics/identity-theft/report…
travel_explore
web search NEUTRAL — Identitytheft.gov helps you create an identity theft report. This report proves to businesses that someone stole your identity and it makes it easier to fix problems caused by identity theft. To creat…
https://www.ftc.gov/media/79953
help
“April 23, 2026: A lawyers’ group, Free Lawyers, revealed the incident.”
INSUFFICIENT EVIDENCE
No evidence was provided in the evidence gathering step for this claim, making it impossible to verify or disprove.
help
“After that, Treasury Secretary Harshana Suriyapperuma officially confirmed the breach and the resulting loss during a press conference in Colombo.”
INSUFFICIENT EVIDENCE
No evidence was provided in the evidence gathering step for this claim, making it impossible to verify or disprove.
schedule
“April 24, 2026: A high-powered internal committee was formed to investigate procedural lapses, leading to the suspension of four senior officers at the Public Debt Management Office.”
PENDING
schedule
“Harshana Suriyapperuma claims the exploit was flagged when the officials discovered changes to the account details in a separate bilateral debt payment to India in January.”
PENDING
schedule
“However, the exploit in the Australian debt repayment came to light only in April when the Australian government notified it had not received the payment.”
PENDING
schedule
“In some ways, this has hallmarks of the Bangladesh Central Bank heist of 2016, one of the most audacious cyber thefts, which attempted to steal nearly US$ 1 billion from a Bangladesh Central Bank account held in the Federal Reserve Bank of New York.”
PENDING
schedule
“The FBI later linked the Lazarus group to the bank heist.”
PENDING
schedule
“In 2016, on a Friday, timing with the Lunar New Year, the group issued 35 fraudulent SWIFT transfers, using credentials it had already obtained through the hack.”
PENDING
schedule
“The group netted US$ 87 million, which was routed to casinos; the rest of the transactions were reversed.”
PENDING
schedule
“Twenty million dollars in exploit was funded to a Sri Lankan account belonging to a small NGO called Shakila Foundation (misspelt in the SWIFT transaction as fandation).”
PENDING
schedule
“The transaction was flagged by the intermediary bank and simultaneously by Sri Lanka’s Pan Asia Bank, due to the unusually large amount.”
PENDING
schedule
“The ill-fated US$ 2.5 million transaction had reportedly passed through 13 officers at the Finance Ministry, each serving as a gatekeeper. None detected the error.”
PENDING
schedule
“In Kelp Dao, a third-party fronted by Lazarus, deposited $ 1 million before draining the entire platform six months later.”
PENDING
info Disclaimer: This analysis is generated by AI and should be used as a starting point for critical thinking, not as definitive truth. Claims are verified against publicly available sources. Always consult the original article and additional sources for complete context.