A hacker group known as Lazarus, which many suspect is backed by the North Korean government, has created an international ring that is aiming at banks, casinos and firms that trade digital currency, according to a recent report by Moscow-based cybersecurity firm Kaspersky Lab.
The report doesn’t point a finger at the North Korean regime but declares, “very little goes on in that country without regime leaders knowing about it, and it’s unlikely an operation the size of Lazarus would not have official endorsement.” It adds that the rogue government is becoming a major player in cyber warfare.
It adds, “We believe that Lazarus Group is very large and works mainly on infiltration and espionage operations, while a substantially smaller unit within the group, which we have dubbed Bluenoroff, is responsible for financial profit.”
The Lazarus Group is alleged to have stolen $81 million from the central bank of Bangladesh in 2016 and its malware could be hidden on financial networks waiting to illegally transfer funds.
Lazarus, which stole $81 million from the central bank of Bangladesh last year, “has command and control servers all over the world,” said Eric Chien, director of Symantec Security Response.
Chien told McClatchy: “This is the first time we’ve seen a nation-state stealing a lot of money.”
Symantec Corporation, which makes security software, said it has uncovered a list that appears to be a target list by Lazarus hackers that has more than 100 possible victims in 31 nations, including more than 15 banks in the U.S.
“It’s one thing to go after a bank in Bangladesh. It’s another thing to go after a big U.S. bank,” said Chien.