
A fresh analysis, from a slightly different perspective, once again fingered North Korea as the likely culprit behind hacks against Sony Pictures and the $81m heist from an account held by the Central Bank of Bangladesh. Moscow-based threat intelligence firm Group-IB has "no doubt" that Lazarus Group – a cybergang that launched raids against the Central Bank of Bangladesh and compromised a number of Polish banks – is connected to North Korea. Group-IB analysts reached their conclusion after running a deep analysis of the cybercriminals’ command & control infrastructure and reviewing other threat intelligence information. Western intel agencies and private cybersecurity firms also point to North Korea as prime suspects in the same series of attacks.

Group-IB said its research is different from previous work, which was focused on either malware analysis or the attribution based on malware analysis. Instead, Group-IB argues that infrastructure research is more reliable. Group-IB goes much further than others in naming the specific North Korean agency involved, saying in a blog post:

experts conducted an in-depth investigation of Lazarus activity and gained unique insight into their complex botnet infrastructure built by the hacker group to conduct their attacks. Despite the complex three-layer architecture, encrypted channels, VPN services and other advanced techniques, the researchers managed to identify that the group was operating from Potonggang District, North Korea. Perhaps coincidentally, where National Defence Commission was located – previously the highest military body in North Korea.

The Lazarus is allegedly controlled by Bureau 121, a division of the Reconnaissance General Bureau, a North Korean intelligence agency. Lazarus (also known as Dark Seoul Gang) first came to notice after running various distributed denial of service (DDoS) and hack attacks against government, military and aerospace institutions worldwide. The earliest known attack linked to the group, the "Troy Operation," took place between 20, and involved unsophisticated DDoS attacks against South Korean government targets.

By 2014, the Lazarus crew made its bones with the launch of a much more sophisticated attack against Sony Pictures. The hack involved the theft of personal information about the employees and their families, internal emails, copies of then-unreleased Sony films, as well as other information. Extracts of the data were subsequently leaked.

The pressure increases

As the global economic pressure on North Korea increased, Lazarus shifted its focus to international financial organisations for financial and espionage gains, according to Group-IB. In 2016, the group attempted to steal about $95m from the Central Bank of Bangladesh SWIFT.
