NORTH KOREAN HACKERS ARE STEALING MILLIONS FROM ATM’S IN ASIA AND AFRICA
North Korea based hacking group Lazarus have stolen apx. tens of millions of dollar from ATMs from Asia and Africa’s banks. Report Cyber security firm Symantec.
Symantec’s research team has uncovered the key point used by the hackers.
The Operation, Known as “FASTCASH”, enabled Hackers to fraudulently stole ATMs Cash. Hackers first breaches targeted banks network and compromises the switch application servers handling ATMs transactions, Symantec said in Statement. It wasn’t clear yet if ATMs in India were also affected.
“On October 2, 2018, an alert was issued by US-CERT, the Department of Homeland Security, the Department of the Treasury, and the FBI. According to this new alert, Hidden Cobra (the US government’s code name for Lazarus) has been conducting “FASTCash” attacks, stealing money from Automated Teller Machines (ATMs) from banks in Asia and Africa since at least 2016,” said Symantec.
“Once these servers are compromised, previously unknown malware (Trojan.Fastcash) is deployed. This malware in turn intercepts fraudulent Lazarus cash withdrawal requests and sends fake approval responses, allowing the attackers to steal cash from ATMs,” explained the Symantec team.
“Lazarus continues to pose a serious threat to the financial sector and organisations should take all necessary steps to ensure that their payment systems are fully up to date and secured,” Symantec added.