October 04, 2018 09:25
North Korean hackers have stolen hundreds of millions of dollars from major banks in at least 11 countries over the past four years, cyber security experts said Wednesday. They have siphoned off money from banks and nongovernmental organizations in Brazil, Mexico, Russia, the U.S. and Vietnam among others.
Staff of cybersecurity firm FireEye told a forum in Washington that the hacking group, which it has dubbed Advanced Persistent Threat 38, is the biggest and most dangerous in the world and seems to have started operating in February 2014, about a year after the UN Security Council imposed sanctions against the North in March 2013.
Though mostly focused on banks, APT38 has also hacked a global NGO and stolen money it was trying to remit to South Korea.
APT38 is different from the North Korean-affiliated Lazarus Group that was blamed for the "WannaCry" ransomware attack that crippled some 300,000 computers in about 150 countries in May last year.
APT38 hacked Vietnam's Tien Phong Bank in 2015, Bangladesh Bank, the central bank of Bangladesh, in 2016, Taiwan's Far Eastern International Bank in 2017, Bancomext in Mexico in January this year and Chile's Banco de Chile in May.
But FireEye said the scope of the attacks and damage could be much bigger since companies are often reluctant to disclose that they have been hacked. The IP addresses involved in the attacks were traced back to Pyongyang and China following malware strains and traces of assistance by North Korean hacker Park Jin-hyok, whom the U.S. Justice Department indicted last month, in developing the malware.
The attacks typically involve long and careful planning. APT38 takes an average of 155 days to analyze the security system of a bank's computer network and makes a custom-designed hacking program. In some case, the malware lay dormant inside the host for as long as two years.
The North is increasingly desperate for hard cash as international sanctions bite.
Headquartered in California, FireEye is a global cybersecurity firm that develops security programs for corporations and public agencies. About half of the companies on the Forbes Global 2000 list use FireEye programs.
- Copyright © Chosunilbo & Chosun.com