The DPRK’s Lazarus hacking group used malware to infect servers controlling ATMs, allowing the group to withdraw cash.

While the group is believed to act on behalf of the state, some reports suggest that the group is now primarily motivated by profit.

The group is believed to have been behind the Bangladesh central bank heist using the SWIFT network, the breach at Sony Pictures in 2014, and a string of hacks against banks.

Analysis: While the group may be motivated by profit, it likely also continues to work at the behest of the North Korean government. The DPRK may be increasingly targeting banks and financial entities to finance its activities both at home and abroad, including through cash withdrawals that can fund operations and provide much-needed currency to its operators.

 


Category

illicit financing, sanctions evasion
