By: Staff Writer
May 25, Colombo (LNW): Sri Lanka’s investigation into the massive US$ 2.5 million Treasury cyber fraud has entered a critical phase as authorities intensify cooperation with foreign intelligence and financial crime agencies to recover stolen public funds believed to have been transferred across multiple international networks.
The case erupted after hackers allegedly infiltrated payment systems connected to Treasury operations and redirected millions of dollars through fraudulent digital transactions. The cybercriminals are also suspected of diverting an additional US$ 625,000 payment intended for United States postal authorities, raising concerns over the scale and sophistication of the operation.
Amid widespread speculation, the US Embassy in Colombo formally denied reports claiming that a dedicated Federal Bureau of Investigation team had arrived in Sri Lanka to spearhead the inquiry. Embassy representatives clarified that while no special FBI deployment has taken place, the United States maintains an FBI Legal Attaché office at the embassy to facilitate routine law enforcement collaboration with Sri Lankan agencies when necessary.
Diplomatic officials warned that inaccurate reporting on security-related investigations could create confusion during sensitive criminal probes. Nevertheless, intelligence-sharing cooperation between Sri Lanka and international partners continues behind the scenes as investigators race to identify the cybercrime network responsible for the theft.
Sources familiar with the investigation indicate that Sri Lankan authorities have sought assistance from American and Australian cybercrime experts to trace electronic transaction trails and analyse suspicious banking movements linked to the missing funds. International financial monitoring agencies are now examining whether the money passed through shell companies, cryptocurrency exchanges, or offshore laundering networks before being dispersed.
Cyber forensic teams are believed to be reviewing compromised servers, email systems, and payment gateways that may have been exploited by the hackers. Investigators suspect the attackers used advanced phishing techniques and manipulated payment authorisation procedures to gain unauthorised access to Treasury-linked transactions.
Australian authorities have reportedly provided technical support involving blockchain tracing tools and cyber intelligence analysis. Meanwhile, American agencies are assisting through information exchanges concerning cross-border financial activity and digital fraud detection systems.
Sri Lankan officials have admitted privately that the recovery process could take months because stolen funds appear to have been fragmented into smaller transactions and routed through several countries within hours of the breach. However, authorities remain cautiously optimistic that portions of the money could still be frozen if linked accounts are identified before the assets are fully withdrawn or converted.
The scandal has renewed pressure on the Sri Lankan government to modernise national cyber defences and tighten financial oversight mechanisms. Experts argue that outdated digital security systems within public institutions continue to leave critical infrastructure vulnerable to increasingly organised international cybercrime syndicates.
Political leaders and anti-corruption activists are demanding a full independent inquiry into how Treasury safeguards failed to detect or block suspicious transfers in real time. Questions are also emerging over whether adequate cybersecurity audits had been conducted before the incident occurred.
As investigations continue, Sri Lanka’s cooperation with foreign intelligence agencies is expected to expand further. Authorities say the ultimate priority remains recovering public funds, identifying those responsible, and strengthening national financial systems to prevent future cyberattacks targeting state institutions.