North Korea's 'Lazarus' hackers attack global banks, stolen money to fund nuclear programs

A report from Russian cybersecurity firm Kaspersky claims North Korea to be responsible for the hacking attacks on banks in around 18 countries.

The impoverished country led by Kim Jong Un has relied on the Lazarus hackers to bring in money from financial institutions and big companies in order to sustain their nuclear weapons and missile programs.

Previously, similar cyber-attacks were attempted on financial institutions in Bangladesh, Ecuador, Philippines and Vietnam according to banks and security researchers. Now, researchers at Kaspersky say that the hacking operation known as Lazarus has also attacked banks in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand and Uruguay. No doubt is given to their claim as the hackers can be traced back to North Korea, as per the Kaspersky researchers.

Normally, hackers position themselves far from their home and launch the cyber-attacks from computer servers where they are currently located. This is because they have to hide their location in order not to be traced. In the case of the North Korea-based Lazarus hackers, they carefully routed their signals through France, South Korea and Taiwan to setup that attack server.

What seemed like a perfect hacking operation turned out to be a failure as Kaspersky has spotted a mistake on the part of the Lazarus hackers. It found a brief connection that came from North Korea - proving their identity and origin.  "North Korea is a very important part of this equation," Vitaly Kamluk, who leads Kaspersky's Asia-Pacific research team, said in a statement as reported by CNN. The findings were disclosed publicly at the Kaspersky Security Analyst Summit, which is a cybersecurity conference held in the Caribbean island of St. Maarten.

This is not the first hacking attempt by North Korea although its targets have shifted in the recent years. Back in 2013, South Korea blamed its neighbor for the cyber-attacks on some banks and broadcasting stations. In 2014, the United States government also put the blame on North Korea for the hack on Sony Pictures. From 2015 and onwards, the Lazarus hackers have shifted their focus on financial institutions.

The most recent victim of these attacks was a Vietnamese commercial bank. Kaspersky also found cyber-attacks from banks in Gabon and Nigeria. Symantec, however, claims the attacks were not successful in stealing money.

Researchers from different cybersecurity firms have speculated that North Korea is banking its hacking operations in infected financial institutions. A UN report also found that North Korea is using a network of front companies to access global banks. The stolen money will help advance the nuclear programs that North Korea has been developing for many years now. 

"We tend to patronize North Korea and mock them. But over the past decade, they have shown the world they are... very capable when it comes to cybercrime," expert Sung-Yoon Lee noted.

Real Time Analytics