Kaspersky: North Korean hackers attack banks in Nigeria, 18 other countries

A Russian online cyber security firm, Kaspersky, Thursday, alleged that North Korean hackers are allegedly attacking banks in Nigeria and 17 other countries.

The organisation noted in its report that this could be regarded as the biggest bank heist in world history.

Reports said banks and security researchers had previously identified four similar cyber-heists attempt on financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam.

But on Thursday, researchers at Kaspersky said the same hacking operation, known as “Lazarus”, also attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia,
Poland, Taiwan, Thailand, Uruguay and Nigeria.

But the Central Bank of Nigeria has since said it was not aware of the development.

The new report is coming after more than a year-long investigation into the activity of “Lazarus”, the hacking group allegedly responsible for the theft of $81 million from the Central Bank of Bangladesh last year.

The claims that North Korea could have been behind the attack has added to concerns that the country is becoming bolder in its cyber attacks against global financial institutions.

CNN reports that North Korea’s mysterious Lazarus hacking operation has been blamed for several large international cyber attacks in recent years.

Reserchers at Kaspersky said the hackers can be traced back to North Korea, adding that to hide their location, hackers typically launch cyber attacks from computer servers far from home.

The Lazarus hackers, according to Kaspersky, carefully routed their signal through France, South Korea and Taiwan to set up that attack server but a connection that briefly came from North Korea was spotted by Kaspersky.

Vitaly Kamluk, who leads Kaspersky’s Asia-Pacific research team, said, “North Korea is a very important part of this equation,” but the North Korean government has reportedly denied allegations of the hack.

Kaspersky Lab has, however, said despite the evidence of the North Korean IP address, it “is not enough proof to provide definitive attribution given that the connection session could have been a false flag operation.”


Source: Premium Times