U.S. Government Issues Warning on North Korea-Affiliated Hacker Group
Hackers associated with North Korea have resumed targeting banks worldwide to initiate fraudulent money transfers and ATM cashout schemes, according to an advisory yesterday from the Cybersecurity and Infrastructure Security Agency, Treasury Department, Federal Bureau of Investigation and U.S. Cyber Command. “The recent resurgence follows a lull in bank targeting since late 2019,” the advisory said.
The hacking team under control of North Korean intelligence, referred to as BeagleBoyz by the U.S. government, poses severe operational risk for individual banks beyond reputational harm and financial losses, the advisory said. BeagleBoyz perpetrated the notorious 2016 SWIFT compromise, and fraudulent ATM cashouts perpetrated by BeagleBoyz have affected more than 30 countries in a single incident.
The hackers were responsible for cyber-enabled ATM cashout campaigns called “FASTCash” from 2016 to 2018. Since this scheme was identified publicly in 2018, the advisory said, FASTCash can now be perpetrated against banks hosting switch applications on Windows servers and now targets interbank payment processors. Read the advisory.