Symantec has posted on their blog that they have found evidence that North Korea is behind the recent string of attacks on several Asian banks. The malware used to steal $81 million from Bangladesh’s central bank is linked to attacks on a bank in the Philippines and in Vietnam.
Security researchers say the malware is similar to that used in the past by a group known as “Lazarus.” The group has been linked to a string of hackings largely focused on U.S. and South Korean targets dating back to 2009. That includes the crippling 2014 hack of Sony Pictures, which the FBI has blamed on the North Korean government. North Korea denied the allegation.
Symantec said a bank in Ecuador also reported to have lost $12 million to attackers using fraudulent SWIFT transactions. Its researchers now back findings by the British defense contractor BAE Systems that links the Bangladesh central bank heist and cyber-attacks on the banks in Vietnam and Ecuador.
In all 3 attacks on those banks, the hackers were able to compromise the security of SWIFT, the messaging system, once thought to be the world’s most secure system for sending orders for financial transactions.
A detailed dive can be found at: http://www.symantec.com/connect/blogs/swift-attackers-malware-linked-more-financial-attacks