The Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation (FBI), and U.S. Cyber Command (USCYBERCOM) have issued a joint technical alert about an ongoing bank robbery scheme perpetrated by North Korea. According to the alert released on August 26, North Korean hackers are targeting banks in multiple countries, initiating fraudulent international money transfers and ATM cash outs.
“North Korean cyber actors have demonstrated an imaginative knack for adjusting their tactics to exploit the financial sector as well as any other sector through illicit cyber operations,” said Bryan Ware, Assistant Director of Cybersecurity, CISA. “CISA and our interagency partners work closely with industry to provide actionable, specific and timely cyber threat information…. Our aim is to disrupt and defeat malicious cyber campaigns and help government and industry partners prioritize resources to highest risk to stay one-step ahead of adversaries.”
Three malware analysis reports accompany the alert. The reports disclose variants used by North Korea to gain unauthorized access to victim networks, ATMs, or point of sale systems.
For more information about the alert, please follow the links below.
Joint Technical Alert: FASTCash 2.0: North Korea’s BeagleBoyz Robbing
Banks, Cybersecurity & Infrastructure Security Agency
CISA, Treasury, FBI and USCYBERCOM release cyber alert on latest North Korea bank robbing scheme, Cybersecurity & Infrastructure Security Agency