Daily Sabah logo

Politics
Diplomacy Legislation War On Terror EU Affairs Elections News Analysis
TÜRKİYE
Istanbul Education Investigations Minorities Expat Corner Diaspora
World
Mid-East Europe Americas Asia Pacific Africa Syrian Crisis Islamophobia
Business
Automotive Economy Energy Finance Tourism Tech Defense Transportation News Analysis
Lifestyle
Health Environment Travel Food Fashion Science Religion History Feature Expat Corner
Arts
Cinema Music Events Portrait Reviews Performing Arts
Sports
Football Basketball Motorsports Tennis
Opinion
Columns Op-Ed Reader's Corner Editorial
PHOTO GALLERY
JOBS ABOUT US RSS PRIVACY CONTACT US
© Turkuvaz Haberleşme ve Yayıncılık 2023

Daily Sabah logo

عربي
  • Politics
    • Diplomacy
    • Legislation
    • War On Terror
    • EU Affairs
    • Elections
    • News Analysis
  • TÜRKİYE
    • Istanbul
    • Education
    • Investigations
    • Minorities
    • Expat Corner
    • Diaspora
  • World
    • Mid-East
    • Europe
    • Americas
    • Asia Pacific
    • Africa
    • Syrian Crisis
    • Islamophobia
  • Business
    • Automotive
    • Economy
    • Energy
    • Finance
    • Tourism
    • Tech
    • Defense
    • Transportation
    • News Analysis
  • Lifestyle
    • Health
    • Environment
    • Travel
    • Food
    • Fashion
    • Science
    • Religion
    • History
    • Feature
    • Expat Corner
  • Arts
    • Cinema
    • Music
    • Events
    • Portrait
    • Reviews
    • Performing Arts
  • Sports
    • Football
    • Basketball
    • Motorsports
    • Tennis
  • Gallery
  • Opinion
    • Columns
    • Op-Ed
    • Reader's Corner
    • Editorial
  • TV

Elite group of North Korean hackers tied to attacks on global banks: researchers

by

WASHINGTON Oct 03, 2018 - 12:00 am GMT+3
by Oct 03, 2018 12:00 am

An elite group of North Korean hackers has been identified as the source of a wave of cyberattacks on global banks that has netted "hundreds of millions" of dollars, security researchers said Wednesday.

A report by the cybersecurity firm FireEye said the newly identified group dubbed APT38 is distinct from but linked to other North Korean hacking operations, and has the mission of raising funds for the isolated Pyongyang regime.

FireEye researchers said APT38 is one of several hacking cells within an umbrella group known as "Lazarus," but with unique skills and tools that have helped it carry out some of the world's largest cyber heists.

"They are a cybercriminal group with the skills of a cyberespionage campaign," said Sandra Joyce, FireEye's vice president of intelligence, in a briefing with journalists in Washington.

Joyce said one of the characteristics of APT38 is that it takes several months, sometimes nearly two years, to penetrate and learn the workings of its targets before its attacks, which have sought to illegally transfer more than $1 billion from victimized banks.

"They take their time to learn the intricacies of the organization," Joyce said.

Once they succeed, she added, "they deploy destructive malware on their way out" to hide their traces and make it more difficult for victims to find out what happened.

Sense of urgency

Joyce said FireEye decided to go public about the threat out of a "sense of urgency" because the group appears to still be operating and is "undeterred by any diplomatic efforts."

The group has compromised more than 16 organizations in at least 11 different countries since at least 2014, according to the FireEye report.

Some of the known attacks have targeted the Vietnam TP Bank in 2015, Bangladesh Bank in 2016, Far Eastern International Bank of Taiwan in 2017 and Bancomext of Mexico and Banco de Chile in 2018.

Joyce said the group appears to have "the scope and resources of a nation-state" but offered no specific figures on how many people it uses.

Nalani Fraser, a member of the FireEye research team, said APT38 attacks sought at least $1.1 billion since 2014 and have managed to steal "hundreds of millions of dollars based on data that we can confirm."

FireEye said there appears to be some sharing of resources between hacker groups in North Korea, including those involved in espionage and those in other kinds of attacks.

Some of the information about APT38 was revealed in a US criminal complaint unsealed last month against Park Jin Hyok, charged in connection with WannaCry ransomware outbreak and the attack on Sony Pictures.

But Park likely played only a peripheral role in APT38,which "has a focused mission to steal money to fund the North Korean regime," according to Joyce.

The researchers said APT38 used extremely sophisticated techniques including "phishing" emails to gain access to credentials and using "watering holes" -- hijacked websites that appear normal but which contain malware that enable hackers to gather more data and access.

As part of the scheme, the hackers created fake identities within known nongovernmental organizations or foundations to help move the stolen money, in some cases manipulating the global interbank transfer system known as SWIFT.

  • shortlink copied
  • Last Update: Oct 03, 2018 3:26 pm
    RELATED TOPICS
    fight-against-terrorism DEUTSCHE-BANK US-LIBYA-RELATIONS
    KEYWORDS
    homepage
    The Daily Sabah Newsletter
    Keep up to date with what’s happening in Turkey, it’s region and the world.
    You can unsubscribe at any time. By signing up you are agreeing to our Terms of Use and Privacy Policy. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
    No Image
    Commemorating Rumi: Islamic scholar, poet and mystic
    PHOTOGALLERY
    • POLITICS
    • Diplomacy
    • Legislation
    • War On Terror
    • EU Affairs
    • News Analysis
    • TÜRKİYE
    • Istanbul
    • Education
    • Investigations
    • Minorities
    • Diaspora
    • World
    • Mid-East
    • Europe
    • Americas
    • Asia Pacific
    • Africa
    • Syrian Crisis
    • İslamophobia
    • Business
    • Automotive
    • Economy
    • Energy
    • Finance
    • Tourism
    • Tech
    • Defense
    • Transportation
    • News Analysis
    • Lifestyle
    • Health
    • Environment
    • Travel
    • Food
    • Fashion
    • Science
    • Religion
    • History
    • Feature
    • Expat Corner
    • Arts
    • Cinema
    • Music
    • Events
    • Portrait
    • Performing Arts
    • Reviews
    • Sports
    • Football
    • Basketball
    • Motorsports
    • Tennis
    • Opinion
    • Columns
    • Op-Ed
    • Reader's Corner
    • Editorial
    • Photo gallery
    • Jobs
    • privacy
    • about us
    • contact us
    • RSS
    © Turkuvaz Haberleşme ve Yayıncılık 2021