Lazarus, one of the most active organisations in the digital universe, uses various techniques to take over systems. The group has misappropriated several million dollars from banks in Bangladesh, Taiwan and Costa Rica.
The Lazarus group is unstoppable, and its story seems to be taken from a movie. The mysterious hacker organisation, feared by authorities around the world, is an active player in the cybercriminal universe. The North Korean group, created in 2009, has been involved in hacking operations against financial institutions worldwide. In 2017, Lazarus caused chaos across the world with WannaCry. The ransomware attack affected more than 230,000 computers in no fewer than 150 countries. Their operation began in Asia but recently reached the global level. In 2016, the first incident in
But how has this cybercriminal group managed to execute attacks of such dimension?
Since 2015, the cybersecurity company Kaspersky Lab has researched the modus operandi of the organisation. At an event in Moscow (Russia), Kaspersky Lab revealed some of the group's most widely used strategies. According to Fabio Assolini, Kaspersky's computer security analyst, these cybercriminals are very intelligent. They study the victim and dedicate weeks to analysing the network, the software and the operation of the bank. They stay for a while and then carry out the theft of millions of dollars.
Kaspersky further explained that the cybercriminal organisation has subgroups. One group is explicitly dedicated to cyber-espionage tasks and attacks on companies, and another focuses on robberies of financial institutions. The servers of the entity commit a site that the people of the bank will access. They infect a computer, which may belong to someone who is not so crucial to the company.
Experts explain that they used
Distraction and Attack
Martinez says the attackers also use a method of distraction. They seek to generate an attack and make the incident response group focus on the latest incident. In the meantime, the real assault takes place, for example fraudulent money transfers.
Most of the time, they transfer money through the Swift electronic payment system. Swift is an international network that connects 11,000 banks in the world and allows money to be sent between them.
Martinez concluded that the goal is to make transfers untraceable and impossible to recover.
Experts predict that Lazarus will continue to expand its power around the world with even more sophisticated attacks.
Read the full report of Kaspersky Lab's predictions for financial institutions for 2019.