22 September 2017

Kaspersky Labs links North Korea to Bangladesh Bank heist

04 April 2017

Security outfit Kaspersky Labs has become the latest voice to raise the possibility that North Korea was involved in last year's $81 million Bangladesh Bank cyberattack.

Last February, hackers used the Swift messaging system to convince the Federal Reserve Bank of New York to transfer $81 million from the Bangladesh central bank's account to accounts they controlled in the Philippines.

Since then, a well-known hacking collective called Lazarus has been named as the likely culprit behind the attack and many others, including attacks on financial institutions and on Sony's Hollywood studio.

Kaspersky has been investigating the group for more than a year and says that Lazarus is careful to wipe traces but that it made a mistake on one heist.

In preparation for the operation, a breached server was configured as the command and control centre for the malware. The first connections made on the day of configuration came from a few VPN/proxy servers, indicating a testing period; however, one short connection that day came from a "very rare" IP address range in North Korea.

Kaspersky says that this points to a possible origin of the Lazarus group or at least some of its members but stresses that "this is not enough proof to provide definitive attribution given that the connection session could have been a false flag operation".

However, Kaspersky is not the first to link the Bangladesh attack with North Korea. As reported by the New York Times, last month National Security Agency deputy director Richard Ledgett told a conference that research linked the bank attack to the Sony hack "forensically" and that "if that's true, then that says to me that the North Koreans are robbing banks. That's a big deal".

Meanwhile, at a separate conference last month in Toronto, James Lewis from the Canadian Security Intelligence Service (CSIS) also pointed at North Korea, arguing that this represents a new strategy by the country as it looks to source funds for government programmes.

The Wall Street Journal says that US prosecutors are already building potential cases related to the hack that would accuse North Korea of working with Chinese middlemen.
