“They had sophisticated knowledge on a business level,” Watteyne said. They learn the inner workings of SWIFT software and develop and implement patches that allow the attackers to steal significant amounts of money without leaving a trace behind on the hacked systems.

Dries Watteyne, SWIFT head of customer security intelligence, also appeared at SAS and said the attackers had intimate knowledge of how the SWIFT network processes transactions and messages between financial institutions. The attackers, researchers said, aren’t looking for smash-and-grab bank robberies.

SWIFT is a global network supporting financial transactions and messaging between institutions. Vitaly Kamluk of Kaspersky Lab and Adrian Nish and Sergey Shevchenko of BAE Systems today published an update on Lazarus and Bluenoroff, pinning to them their unique interest in SWIFT software.

The group has also been connected to an attack earlier this year against banks in Poland, based on code strings and wiper malware discovered and known to be part of Lazarus’ arsenal. The group, widely believed to be North Korean, has been linked to a February 2016 attack against the Bangladesh Central bank that resulted in more than $850 million in fraudulent SWIFT network transactions, $80 million of which still has not been recovered.

At the Security Analyst Summit, researchers from Kaspersky Lab and BAE Systems explained how the splinter group, known as Bluenoroff, has almost exclusively hit financial institutions, casinos, financial trade software development companies and cryptocurrency businesses. Given the level of sophistication in the attacks against Bangladesh Bank and others, it has been suggested in the past that those who carried them out could be insiders.

SINT MAARTEN-The Lazarus Group, a nation-state level of attacker tied to the 2014 attacks on Sony Pictures Entertainment, has splintered off a portion of its operation to concentrate on stealing money to fund itself.
One of its main tenets is better information sharing within the industry, which Swift says it will help co-ordinate. Global bank transfer messaging organization Swift responded this week by launching a five-point plan for its members designed to fortify their defenses against future attacks. “The discovery of more attacks provides further evidence that the group involved is conducting a wide campaign against financial targets in the region.” The FBI concluded that the North Korean government was responsible for this attack,” explained Symantec. “The group was linked to Backdoor.Destover, a highly destructive Trojan that was the subject of an FBI warning after it was used in an attack against Sony Pictures Entertainment. Lazarus is linked to a string of attacks since 2009 aimed at US and South Korean organizations.

This raises the prospect that the hackers who attacked Bangladesh Bank and others are North Korean state-sponsored operatives. However, Backdoor.Contopee also provides a link to the Lazarus gang, which has been observed using the same malware. This means that at least one more bank, in the Philippines, is likely to have been attacked by the Swift hackers that have already been pegged for raids on the Bangladesh Bank, Vietnam’s Tien Phong bank and Ecuador’s Banco del Austro. “Symantec believes distinctive code shared between families and the fact that Backdoor.Contopee was being used in limited targeted attacks against financial institutions in the region, means these tools can be attributed to the same group,” it explained. On closer inspection it discovered code sharing between early variants of Backdoor.Contopee and Trojan.Banswift – which was used in the $81 million heist at the Bangladesh Bank. The security giant explained in a blog post that it identified three pieces of malware used in a newly discovered set of attacks on South-east Asian banks: Backdoor.Fimlis,, and Backdoor.Contopee.
The recent SWIFT attacks on banks across the globe have links to the infamous Lazarus Group pegged for the Sony Pictures Entertainment hack, according to Symantec.