
North Korea-Connected Attackers Stole Millions From ATMs All Over The World

Hackers with connections to the government of North Korea used a complex Trojan named “Trojan.Fastcash” to steal millions of dollars from ATMs across Africa and Asia, according to a report from the cybersecurity company Symantec. The hacking group, known as Lazarus, used the Trojan to infect the servers that handle the ATMs, allowing the attackers to intercept their own fraudulent payment requests and withdraw money.

Similar ATM attacks have been observed since 2016, according to a warning issued earlier by Homeland Security’s US-CERT (Computer Emergency Readiness Team), the organization responsible for analyzing and reducing cyber threats. One incident in 2017 saw cash taken simultaneously from ATMs in 30 different nations, and another attack earlier this year saw cash withdrawn in 23 nations. Symantec notes that so far each Fastcash attack has hit servers running unsupported versions of the AIX operating system, suggesting that the vulnerabilities used by the attackers have since been fixed.

On a related note, attackers earlier stole the health data of 1.5 million people in Singapore, including Prime Minister Lee Hsien Loong. The leader was specifically targeted in the city-state's largest-ever data breach. Singapore's health and information ministries said that a government database was breached in a targeted, deliberate, and well-designed attack, describing the hack as extraordinary.

“Hackers repeatedly and specifically targeted the outpatient information and personal particulars of Lee Hsien Loong,” Gan Kim Yong, the health minister, told the media in an interview. “Singapore’s Cyber Security Agency conducted forensic analysis that suggested the attack to be a targeted, deliberate, and well-designed cyber attack and not the job of any casual criminal gangs or attackers,” he said.

Officials declined to comment on the identity of the attackers, citing operational security, but said that the prime minister's data has not surfaced anywhere on the web.