The DPRK’s Lazarus hacking group used malware to infect servers controlling ATMs, allowing the group to withdraw cash.

While the group is believed to act on behalf of the state, some reports suggest that the group is now primarily motivated by profit.

The group is believed to have been behind the Bangladesh central bank heist using the SWIFT network, the breach at Sony Pictures in 2014, and a string of hacks against banks.

Analysis: While the group may be motivated by profit, it likely also continues to work at the behest of the North Korean government. The DPRK may be increasingly targeting banks and financial entities in order to finance its activities both at home and abroad, including through cash withdrawals that can fund operations and provide much-needed currency to its operators.




illicit financing, sanctions evasion

