- Sputnik International
Asia
Find top stories and features from Asia and the Pacific region. Keep updated on major political stories and analyses from Asia and the Pacific. All you want to know about China, Japan, North and South Korea, India and Pakistan, Southeast Asia and Oceania.

Hit ‘Em in the Wallet: North Korean Hackers Want Cash, Not Secrets

© Sputnik / Alexey Malgavko / Go to the mediabankRansomware attacks global IT systems
Ransomware attacks global IT systems - Sputnik International
Subscribe
A South Korean state-backed agency claims to have uncovered an international North Korean hacking scheme to commit global financial fraud. The purpose of this scheme, according to the reports, is to raise money for the government of the Democratic People’s Republic of Korea.

The report, which comes from South Korea's Financial Security Institute (FSI), claims that North Korea is the backer of the hacking group Lazarus. Cybersecurity firms as well as the US government have linked Lazarus both to the $81 million cyber heist from Bangladesh's central bank in 2016 as well as the cyberattack against Sony Pictures in 2014 in retaliation for the studio's distribution of "The Interview," a comedy about an assassination attempt against North Korean president Kim Jong-un.

The report also mentioned the existence of a Lazarus spin-off known as Andariel, which has targeted South Korean businesses and government bodies. For instance, the FSI report claims that Andariel targets ATMs, steals bank card information and then either withdraws cash from the account or sells the information on the black market.

Cyber security - Sputnik International
German Companies Lose Millions of Euro Due to Cyber Fraud

They also use malware attacks to steal money from online poker and gambling sites.

"South Korea prefers to use local ATM vendors and these attackers managed to analyze and compromise SK ATMs from at least two vendors earlier this year," said Vitaly Kamluk, director of Russian cybersecurity firm Kaspersky's Asia and Pacific research team. "We believe this subgroup (Andariel) has been active since at least May 2016."

In addition, Russian cybersecurity firm Kaspersky Lab identified in April a third hacking group, Bluenoroff, as a spin-off of Lazarus. Bluenoroff has in the past focused on attempting to steal from international financial institutions.

Ransomware attacks global IT systems - Sputnik International
Ransomware May Make You 'WannaCry,' Yet Makes Up Less Than 1% of Cyber Threats

"Bluenoroff and Andariel share their common root, but they have different targets and motives," the FSI report read. "Andariel focuses on attacking South Korean businesses and government agencies using methods tailored for the country."

They added that there was circumstantial evidence linking North Korea to the WannaCry "ransomware" cyberattack that attempted to export hundreds of dollars apiece from 300,000 computers across 150 countries.

The FSI report claimed that eight different malware attacks against South Korea in the last few years were all done by the same perpetrators, as the programs used in the attacks had similar code patterns. The highest-profile of those cases was an attempt to hack the personal computer of South Korean Defense Minister Han Min-goo in September 2016.

A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017 - Sputnik International
Hacking Alert: US Warns Against North Korean ‘Hidden Cobra’ Cyber Attacks

The FSI added that they have no conclusive evidence of their allegations, and that their views do not officially reflect the views of Seoul.

North Korea has categorically denied any involvement in these cyber crimes.

The FSI was founded in 2015 to investigate and combat cyberattacks against South Korea after a series of malware strikes were levied against the country's financial institutions.

Newsfeed
0
To participate in the discussion
log in or register
loader
Chats
Заголовок открываемого материала