Kaspersky Links Hackers Behind Global Bank Heists to North Korea

Financial Services

The group suspected of making off with $80 million from a Bangladesh bank last year has a direct link to North Korea, a security firm says.

The robbery of the Central Bank of Bangladesh's systems took patience. The group behind it tooks months to learn the systems and then used stolen SWIFT credentials to request a series of transfers that totaled $851 million but made off with about $80 million, according to ZDnet.

A recent Kaspersky Lab report said there’s a high chance the Lazarus Group—also linked to the 2014 Sony Entertainment hack—is behind the Bangladesh theft, as well as attacks on other global financial institutions, bitcoin firms and casinos. The report also connects a subgroup called Bluenoroff, which specializes in targeting banks, to an IP address in North Korea.

The group operates on a large-scale and with a sophistication beyond most criminal organizations, running a “factory of malware” that constantly updates and morphs quality code.

“Their solutions are aimed at invisible theft without leaving a trace,” the report said.

Kaspersky identified suspected Lazarus attacks in Southeast Asia and Europe in recent weeks, though the group has gone quiet.