Saturday, November 17, 2018
News

North Korean hackers emptying millions from ATMs in Asia, Africa: Symantec

   SocialTwist Tell-a-Friend    Print this Page   COMMENT

New Delhi | Friday, 2018 7:15:04 PM IST
North Korea-based infamous hacking group Lazarus is estimated to have stolen tens of millions of dollars from ATMs from banks in Asia and Africa, a new report from cyber security firm Symantec has revealed.

Symantec's research team has uncovered the key component used in the group's recent wave of financial attacks.

The operation, known as "FASTCash", enabled Lazarus to fraudulently empty ATMs of cash.

To make the fraudulent withdrawals, Lazarus first breaches targeted banks' networks and compromises the switch application servers handling ATM transactions, Symantec said in a statement late Thursday.

It was not clear yet if ATMs in India were also affected.

"On October 2, 2018, an alert was issued by US-CERT, the Department of Homeland Security, the Department of the Treasury, and the FBI. According to this new alert, Hidden Cobra (the US government's code name for Lazarus) has been conducting "FASTCash" attacks, stealing money from Automated Teller Machines (ATMs) from banks in Asia and Africa since at least 2016," said Symantec.

Lazarus is a hacking group which has been linked to a string of attacks against everything from banks to government agencies across the world, including the 2014 attack on Sony Pictures.

More recently, Lazarus has also become involved in financially motivated attacks, including an $81 million theft from the Bangladesh Central Bank and the "WannaCry" ransomware outbreak in May 2017.

According to the US government alert, one incident in 2017 saw cash withdrawn simultaneously from ATMs in over 30 different countries.

In another major incident in 2018, cash was taken from ATMs in 23 countries.

To date, the Lazarus FASTCash operation is estimated to have stolen tens of millions of dollars.

"Once these servers are compromised, previously unknown malware (Trojan.Fastcash) is deployed. This malware in turn intercepts fraudulent Lazarus cash withdrawal requests and sends fake approval responses, allowing the attackers to steal cash from ATMs," explained the Symantec team.

The recent wave of FASTCash attacks demonstrates that financially motivated attacks are not simply a passing interest for the Lazarus group and can now be considered one of its core activities.

"Lazarus continues to pose a serious threat to the financial sector and organisations should take all necessary steps to ensure that their payment systems are fully up to date and secured," Symantec added.

Amid growing crypto-jacking episodes, Lazarus has also stolen cryptocurrencies worth more than half a billion dollars.

According to The Next Web that cited findings from the annual report of cybersecurity vendor Group-IB last month, Lazarus was behind 14 hacking attacks on cryptocurrent exchanges since January 2017 -- stealing $571 million.

--IANS na/sed

( 443 Words)

2018-11-09-18:36:05 (IANS)

 
  LATEST COMMENTS ()
POST YOUR COMMENT
Comments Not Available
 
POST YOUR COMMENT
 
 
TRENDING TOPICS
 
 
CITY NEWS
MORE CITIES
 
 
 
MORE BUSINESS NEWS
Death toll in Tamil Nadu due to cyclone ...
US-China trade war will have no winners:...
US, Japan, Australia to invest more to d...
IITF 2018: Exhibitors rue lack of space,...
Finance Secretary Hasmukh Adhia to retir...
Ex-Oracle executive Thomas Kurian to lea...
More...
 
INDIA WORLD ASIA
Govt should push for electric vehicles i...
Haryana government stopped me from visit...
Congress names Ponnala Lakshmaiah in 3rd...
Mardal maestro Banamali Maharana passes ...
NIA files fresh chargesheet in fake curr...
One abducted civilian killed, two releas...
More...    
 
 Top Stories
Cygnus cargo spacecraft launched to... 
Ready to fight terrorism on Pakista... 
Karthik, Nayan star on Day 1 of JKR... 
Modi attends swearing-in ceremony o... 
US, China spar over trade, politica... 
Vikrant is very talented: Ekta Kapo... 
Barcelona midfielder Rakitic has st... 
Low crude oil prices, fund flows fu...