FBI to private industry: Attribution won’t deter North Korean hacking

The FBI has told American companies that North Korean government hackers will continue to target financial institutions worldwide despite the U.S. government’s public attribution of such activity to Pyongyang. The targeting “will continue unabated, regardless of the U.S. government public attribution of North Korea,” the FBI’s cyber division said in an industry advisory dated Oct. 25 and obtained by CyberScoop. “North Korean cyber activities remain a concern based on its historical patterns of behavior,” the notice says. In conceding that attribution will not change North Korea’s calculus in cyberspace, the FBI is reiterating what is widely recognized in the cybersecurity industry: that Kim Jong Un’s regime is too brazen to care about being called out for its hacking. In September, the DOJ announced charges against North Korean spy Park Jin Hyok for his alleged role in the destructive 2014 cyberattack against Sony Pictures Entertainment and the 2017 WannaCry ransomware attack. […]

The post FBI to private industry: Attribution won’t deter North Korean hacking appeared first on Cyberscoop.


Lazarus Hackers Abuse FASTCASH Scheme Against Banks Worldwide

The FASTCASH scheme is a dangerous ATM cash-out scheme that is being used by the Lazarus hackers group. This criminal collective is prolific at launching advanced attack campaigns against high-profile targets. Our article sums up their latest attacks w…

FireEye unmasks a new North Korean threat group

There is a distinct and aggressive group of hackers bent on financing the North Korean regime and responsible for millions of dollars in bank heists in recent years, according to research from cybersecurity company FireEye. The group, dubbed APT38, is distinct from other Pyongyang-linked hackers because of its overriding financial motivation — as opposed to pure espionage — and persistent targeting of banks worldwide, FireEye researchers said. “This is an active … threat against financial institutions all around the world,” Sandra Joyce, FireEye’s vice president of global intelligence, said at a press briefing. The group was responsible for some of the more high-profile attacks on financial institutions in the last few years, the researchers said, including the $81 million heist of Bangladesh’s central bank in February 2016, and an attack on a Taiwanese bank in October 2017. North Korean hackers had already been publicly linked with these attacks, but the […]

The post FireEye unmasks a new North Korean threat group appeared first on Cyberscoop.


Deterrence or waste of time? Experts at odds over DOJ’s actions on North Korea

In the wake of the Department of Justice charging a North Korean computer programmer with crimes related to various cybersecurity cases, one thing seems to be agreed upon: The chances of Park Jin Hyok seeing an American courtroom are slim. However, there seems to be a rift among legal and cybersecurity experts over the way the U.S. government handled the recent complaint against the hacking unit known as Lazarus Group. Those who spoke to CyberScoop are at odds over whether the complaint shed too much light on the government’s attribution process, giving North Korean hackers the ability to fix any glaring holes and improve their offensive capabilities. “I think it’s a total waste of money,” said Blake Darché, a former NSA analyst. “It does nothing to deter the cyberthreat and makes it look like the United States can’t even bring the people to justice that we charged.” In the complaint, the U.S. […]

The post Deterrence or waste of time? Experts at odds over DOJ’s actions on North Korea appeared first on Cyberscoop.


Analysts expect Lazarus Group to evolve, clean up opsec

In crossing the threshold of unmasking an alleged Lazarus Group member last week, the Department of Justice showed the efficacy of combining private digital forensics with the long arm of the law. Yet if history is any guide, experts say outing the alleged hacker will do little to curb North Korea’s behavior. Instead, researchers believe the group will likely clean up its operational security and continue to evolve. In the years that Eric Chien, technical director of Symantec’s Security Response, has been tracking the Pyongyang-linked hacking group, “all we’ve seen is an escalation,” he said. “They’ve only gotten more bold and more experienced in their attacks.” The charges announced Thursday by the Justice Department against North Korean computer programmer Park Jin Hyok showed slip-ups in Park’s operational security, known colloquially as OPSEC. For example, investigators were able to tie email accounts apparently used by Park’s front company in China to spearphishing and reconnaissance conducted ahead of some of Lazarus’s alleged hacking […]

The post Analysts expect Lazarus Group to evolve, clean up opsec appeared first on Cyberscoop.


British Airways Suffers Customer Payment Card Breach

Hackers managed to breach and access the personal and financial details of British Airways customers who booked flights through the company’s website and mobile app in the past three weeks. Data from around 380,000 card payments has been comprom…

New Mac Crypto Exchange Trojan Unleashed by The Lazarus Hacking Group

A well-known North Korean hacking entity calling itself Lazarus Group has continued its activity after hacking Sony Films several years ago, and it has now unleashed its newest creation – a Lazarus Trojan for Mac OS machines. Kaspersk…

North Korea reuses code in major hacks, researchers find

Most of Pyongyang’s highest-profile cyberattacks over the past decade were cobbled together with bits of reused code, overlapping networking infrastructure and the indelible fingerprint of North Korean military hackers, a pair of researchers have found. North Korea has come a long way since it first emerged on the global stage as a nascent cyber threat. As it grew in power, hit new targets and conducted malicious activities, Pyongyang didn’t need to reinvent the wheel. Instead, it built on previous successes, leveraging code from previous campaigns to build out future malware. After months of code analysis, Christiaan Beek and Jay Rosenberg, the two researchers, published blog posts outlining their findings, which trace reused code all the way from DDoS attacks launched by a fledgling outfit of North Korean hackers in 2009 to WannaCry, one of the world’s most crippling cyberattacks, launched last year by a North Korea-backed hacking group. […]

The post North Korea reuses code in major hacks, researchers find appeared first on Cyberscoop.
