N Korean hackers emptying millions from ATMs in Asia, Africa: Symantec
■ North Korea-based infamous hacking group Lazarus first breaches targeted banks’ networks and compromises the switch application servers handling ATM transactions to make the fraudulent withdrawals ■ It was not clear yet if ATMs in India were also affec
NORTH Korea-based infamous hacking group Lazarus is estimated to have stolen tens of millions of dollars from ATMs from banks in Asia and Africa, a new report from cyber security firm Symantec has revealed.
Symantec’s research team has uncovered the key component used in the group’s recent wave of financial attacks.
The operation, known as “FASTCash”, enabled Lazarus to fraudulently empty ATMs of cash.
To make the fraudulent withdrawals, Lazarus first breaches targeted banks’ networks and compromises the switch application servers handling ATM transactions, Symantec said in a statement late on Thursday.
It was not clear yet if ATM’s in India were also affected.
“On October 2, 2018, an alert was issued by US-CERT, the Department of Homeland Security, the Department of the Treasury, and the FBI. According to this new alert, Hidden Cobra (the US Government’s code name for Lazarus) has been conducting “FASTCash” attacks, stealing money from Automated Teller Machines (ATMs) from banks in Asia and Africa since at least 2016,” said Symantec.
Lazarus is a hacking group which has been linked to a string of attacks against everything from banks to Government agencies across the world, including the 2014 attack on Sony Pictures.