North Korea is behind an increasingly orchestrated effort at hacking into computers of financial institutions in South Korea and around the world to steal cash for the impoverished country, a South Korean state-backed agency said in a report.
In the past, suspected hacking attempts by North Korea appeared intended to cause social disruption or steal classified military or government data, but the focus seems to have shifted in recent years to raising foreign currency, the South’s Financial Security Institute said.
The isolated regime is suspected to be behind a hacking group called Lazarus, which global cybersecurity firms have linked to last year’s US$81 million cyberheist at the Bangladesh central bank and the 2014 attack on Sony’s Hollywood studio.
The US government has blamed North Korea for the Sony hack and some US officials have said prosecutors are building a case against Pyongyang in the Bangladesh Bank theft.
In April, Russian cybersecurity firm Kaspersky Lab also identified a hacking group called Bluenoroff, a spinoff of Lazarus, as focused on attacking mostly foreign financial institutions.
The new report, which analyzed suspected cyberattacks from 2015 to this year on South Korean government and commercial institutions, identified another Lazarus spinoff named Andariel.
“Bluenoroff and Andariel share their common root, but they have different targets and motives,” the report said. “Andariel focuses on attacking South Korean businesses and government agencies using methods tailored for the country.”
Pyongyang has been stepping up its online hacking capabilities as one way of earning hard currency under the chokehold of international sanctions imposed to stop the development of its nuclear weapons program.
Cybersecurity researchers have also said they have found technical evidence that could link North Korea with the global WannaCry “ransomware” cyberattack that infected more than 300,000 computers in 150 countries in May.
“We’ve seen an increasing trend of North Korea using its cyberespionage capabilities for financial gain,” said Luke McNamara, senior analyst at cybersecurity company FireEye. “With the pressure from sanctions and the price growth in cryptocurrencies like bitcoin and Ethereum, these exchanges likely present an attractive target.”
North Korea has routinely denied involvement in cyberattacks against other countries. The North Korean mission to the UN was not immediately available for comment.
The report said the North Korean hacking group Andariel has been spotted attempting to steal bank card information by hacking into automated teller machines, and then using it to withdraw cash or sell the bank information on the black market. It also created malware to hack into online poker and other gambling sites and steal cash.
“South Korea prefers to use local ATM vendors and these attackers managed to analyze and compromise SK ATMs from at least two vendors earlier this year,” said Vitaly Kamluk, director of the APAC research center at Kaspersky.
“We believe this subgroup [Andariel] has been active since at least May 2016,” he said.
The latest report lined up eight different hacking instances spotted within the South in the past few years, which North Korea was suspected to be behind, by tracking down the same code patterns within the malware used for the attacks.
One case spotted in September last year was an attack on the personal computer of South Korea’s minister of national defense as well as the ministry’s intranet to extract military operations intelligence.
North Korean hackers used IP addresses in Shenyang, China, to access the defense ministry’s server, the report said.
Established in 2015, the Financial Security Institute was launched by the South Korean government to boost information management and protection in the nation’s financial sector following attacks on major South Korean banks in previous years.
The report said some of the content has not been proven fully and is not an official view of the government.
‘IN A DIFFERENT PLACE’: The envoy first visited Shanghai, where he attended a Chinese basketball playoff match, and is to meet top officials in Beijing tomorrow US Secretary of State Antony Blinken yesterday arrived in China on his second visit in a year as the US ramps up pressure on its rival over its support for Russia while also seeking to manage tensions with Beijing. The US diplomat tomorrow is to meet China’s top brass in Beijing, where he is also expected to plead for restraint as Taiwan inaugurates president-elect William Lai (賴清德), and to raise US concerns on Chinese trade practices. However, Blinken is also seeking to stabilize ties, with tensions between the world’s two largest economies easing since his previous visit in June last year. At the
Nearly half of China’s major cities are suffering “moderate to severe” levels of subsidence, putting millions of people at risk of flooding, especially as sea levels rise, according to a study of nationwide satellite data released yesterday. The authors of the paper, published by the journal Science, found that 45 percent of China’s urban land was sinking faster than 3mm per year, with 16 percent at more than 10mm per year, driven not only by declining water tables, but also the sheer weight of the built environment. With China’s urban population already in excess of 900 million people, “even a small portion
UNSETTLING IMAGES: The scene took place in front of TV crews covering the Trump trial, with a CNN anchor calling it an ‘emotional and unbelievably disturbing moment’ A man who doused himself in an accelerant and set himself on fire outside the courthouse where former US president Donald Trump is on trial has died, police said yesterday. The New York City Police Department (NYPD) said the man was declared dead by staff at an area hospital. The man was in Collect Pond Park at about 1:30pm on Friday when he took out pamphlets espousing conspiracy theories, tossed them around, then doused himself in an accelerant and set himself on fire, officials and witnesses said. A large number of police officers were nearby when it happened. Some officers and bystanders rushed
Beijing is continuing to commit genocide and crimes against humanity against Uyghurs and other Muslim minorities in its western Xinjiang province, U.S. Secretary of State Antony Blinken said in a report published on Monday, ahead of his planned visit to China this week. The State Department’s annual human rights report, which documents abuses recorded all over the world during the previous calendar year, repeated language from previous years on the treatment of Muslims in Xinjiang, but the publication raises the issue ahead of delicate talks, including on the war in Ukraine and global trade, between the top U.S. diplomat and Chinese