DPRK’s Lazarus group steals from ATMs in Asia
The DPRK’s Lazarus hacking group used malware to infect servers controlling ATMs, allowing the group to withdraw cash.
While the group is believed to act on behalf of the state, some reports suggest that the group is now primarily motivated by profit.
Analysis: While the group may be motivated by profit, it also likely continues to work at the behest of the North Korean government. DPRK may be increasingly targeting banks and financial entities in order to finance its activities both at home and abroad, including through withdrawal of cash that can fund operations and provide much-needed currency to its operators.