Symantec traces Swift attacks to North Korea
27 May 2016 | 8110 views | 0
Security researchers at Symantec have pinned the blame for the spate of attacks on South East Asian banks connected to the Swift network on a state-sponsored North Korean hacking group.
Symantec has found evidence that a bank in the Philippines has also been attacked by the group that stole US$81 million from the Bangladesh central bank and attempted to steal over $1 million from the Tien Phong Bank in Vietnam.
In addition to this, some of the tools used share code similarities with malware used in historic attacks linked to a threat group known as Lazarus, who were fingered by the FBI as the cybergang behind North Korea's assault on Sony Pictures.
It emerged yesterday that up to a dozen banks in South East Asia have come forward to flag similar Swift-connected breaches over the past six months. Investigators believe the hackers are targeting smaller banks in South East Asia where security protocols are not as rigorous as those applied by banks in the West.
"The discovery of more attacks provides further evidence that the group involved is conducting a wide campaign against financial targets in the region," says Symantec. "While awareness of the threat posed by the group has now been raised, its initial success may prompt other attack groups to launch similar attacks. Banks and other financial institutions should remain vigilant."