Taiwan Bank Heist and the Role of Pseudo Ransomware

2017-10-12 McAfee

https://www.mcafee.com/blogs/other-blogs/mcafee-labs/taiwan-bank-heist-role-pseudo-ransomware/

McAfee described the Far Eastern International Bank attack as a targeted bank heist in which criminals attempted to wire about US$60 million to destinations including Sri Lanka, Cambodia, and the United States. Initial intelligence indicated spear phishing with backdoor attachments led victims to a malicious site that downloaded additional backdoor malware, giving attackers access to bank systems. The attackers harvested credentials, used them to create scheduled tasks, and monitored or attempted to disrupt endpoint security services, showing prior knowledge of the victim environment. McAfee found a resource that unpacked into an executable identified by strings as a Hermes 2.1 test build, but it displayed no ransom note or payment demand after execution. The timing of the pseudo-ransomware activity during unauthorized payments led McAfee to assess that Hermes was likely used as a distraction from the theft rather than as the main objective.

Indicators of Compromise

Type     Value                               First Seen   Last Seen
URL      https://jobsbankbd.com/maliciou…    2017-10-12   2017-10-12
DOMAIN   jobsbankbd.com                      2017-10-12   2017-10-12
