Security News > 2020 > August > North Korean Hackers Are Back at Targeting Banks

Since February 2020, North Korean state-sponsored hackers have been targeting banks in multiple countries, the Cybersecurity and Infrastructure Security Agency, the Department of the Treasury, the Federal Bureau of Investigation and U.S. Cyber Command warn in a joint advisory.

"The BeagleBoyz's bank robberies pose severe operational risk for individual firms beyond reputational harm and financial loss from theft and recovery costs. [] Equally concerning, these malicious actors have manipulated and, at times, rendered inoperable, critical computer systems at banks and other financial institutions," the joint advisory reads.

The US notes that the BeagleBoyz often leave anti-forensic tools on the computer networks of victim institutions, that they deployed a wiper against a bank in Chile in 2018, and also warns that the hackers' ability to "Exploit critical banking systems may erode confidence in those systems and presents risks to financial institutions across the world."

Since the FASTCash scheme was publicly detailed in October 2018, the hackers have updated their capability to perform the attacks.

Following initial intrusion, the hackers selectively exploit systems within the compromised environment, and employ a variety of methods to run code, maintain access to the compromised systems, leverage privileges, and evade defenses.

News URL

http://feedproxy.google.com/~r/Securityweek/~3/WVZU1MOou5g/north-korean-hackers-are-back-targeting-banks