DPRK’s Lazarus group steals from ATMs in Asia

The DPRK’s Lazarus hacking group used malware to infect servers controlling ATMs, allowing the group to withdraw cash.

While the group is believed to act on behalf of the state, some reports suggest that the group is now primarily motivated by profit.

The group is believed to have been behind the Bangladesh central bank heist using the SWIFT network, the breach at Sony Pictures in 2014, and a string of hacks against banks.

Analysis: While the group may be motivated by profit, it also likely continues to work at the behest of the North Korean government. DPRK may be increasingly targeting banks and financial entities in order to finance its activities both at home and abroad, including through withdrawal of cash that can fund operations and provide much-needed currency to its operators.

Read more

Jessica DavisComment