Sri Lanka’s largest recent cybercrime scandal has deepened amid conflicting reports over alleged foreign investigative involvement, as authorities continue efforts to trace nearly US$ 2.5 million siphoned from Treasury-linked accounts through an international hacking operation. The controversy intensified after local media claimed that a special team from the United States Federal Bureau of Investigation had arrived in Colombo to assist with the probe.
However, the US Embassy in Colombo swiftly dismissed those reports, clarifying that no FBI investigative team had been deployed to Sri Lanka. Embassy officials explained that the United States routinely maintains an FBI Legal Attaché office within the embassy framework to coordinate law enforcement cooperation with Sri Lankan authorities whenever assistance is formally requested.
The embassy stressed that misinformation surrounding sensitive security investigations could undermine public confidence and complicate ongoing inquiries. Officials reiterated that only existing diplomatic and investigative coordination mechanisms are currently functioning between Colombo and Washington.
The cyberattack allegedly targeted Treasury transactions and other government-linked payments, including a separate US$ 625,000 transfer reportedly intended for American postal authorities. Investigators suspect that sophisticated cybercriminals intercepted or redirected financial transfers through multiple overseas digital channels before the funds disappeared into a network of international accounts.
Sri Lankan authorities have launched an extensive forensic investigation involving the Criminal Investigation Department, the Central Bank, and national cyber security agencies. Early findings indicate that the hackers may have used phishing tactics, malware infiltration, and fraudulent payment-routing systems to gain access to sensitive financial infrastructure.
Government officials privately acknowledge that recovering the stolen funds remains extremely difficult because portions of the money are believed to have been rapidly moved through cryptocurrency exchanges and offshore banking networks across several jurisdictions. Financial intelligence units in the United States, Australia, Singapore, and the United Arab Emirates are now believed to be assisting Sri Lanka by monitoring suspicious transactions and identifying possible laundering channels.
Australian cybercrime specialists have reportedly shared technical intelligence related to digital wallet tracing and international payment routing patterns. Meanwhile, American law enforcement authorities continue to coordinate intelligence-sharing support through established diplomatic channels rather than through a direct FBI field deployment.
Cybersecurity analysts warn that the attack exposes critical vulnerabilities within Sri Lanka’s state financial systems at a time when the country is still recovering from its worst economic crisis in decades. Experts say the incident highlights the urgent need for stronger encryption systems, tighter banking verification procedures, and improved digital security training across government institutions.
The Treasury cyber heist has also sparked political scrutiny, with opposition lawmakers demanding transparency regarding internal controls and accountability mechanisms. Several parliamentary committees are expected to summon senior finance and technology officials to explain how hackers managed to bypass safeguards protecting public funds.
Despite mounting pressure, authorities insist that international cooperation is steadily advancing efforts to trace the stolen money. Investigators remain hopeful that at least part of the diverted funds can eventually be frozen or recovered through coordinated cross-border financial monitoring operations and cybercrime enforcement partnerships.
By a Special Correspondent