Go to Contents Go to Navigation

(LEAD) U.S. issues alert against N. Korean hackers robbing banks

All News 06:54 August 27, 2020

(ATTN: UPDATES with more details in paras 5-8)
By Byun Duk-kun

WASHINGTON, Aug. 26 (Yonhap) -- The U.S. government issued an alert Wednesday against what it called "cyber theft" by North Korean hackers targeting banks in many countries.

In a joint alert with the U.S. Treasury Department, FBI and U.S. Cyber Command, the Cybersecurity and Infrastructure Security Agency (CISA) said "North Korean government cyber actors" were using malware to gain illicit access to "banks in multiple countries to initiate fraudulent international money transfers and ATM cash outs."

"North Korean cyber actors have demonstrated an imaginative knack for adjusting their tactics to exploit the financial sector as well as any other sector through illicit cyber operations," Bryan Ware, assistant director of cybersecurity at CISA, was quoted as saying.

(LEAD) U.S. issues alert against N. Korean hackers robbing banks - 1

"CISA and our interagency partners work closely with industry to provide actionable, specific and timely cyber threat information, like today's alert," added Ware.

CISA said it was not the first time North Korea was engaged in a cash-out scheme.

"North Korea's BeagleBoyz are responsible for the sophisticated cyber-enabled ATM cash-out campaigns identified publicly as "FASTCash" in October 2018," it said, adding, "To differentiate methods from other North Korean malicious cyber activity, the U.S. government refers to this team as BeagleBoyz."

The U.S. agency also cited public estimates that North Korea's BeagleBoyz "have attempted to steal nearly US$2 billion since at least 2015."

It said the BeagleBoyz have targeted more than 30 countries since 2015, including South Korea, Japan and India.

Wednesday's alert came after the U.S. military's top cyber official said the communist state is hacking international financial networks to steal money.

"North Korea flouts sanctions by hacking international financial networks and cryptocurrency exchanges to generate revenue that funds its weapons development activities," Gen. Paul Nakasone, the commander of U.S. Cyber Command, said in an article published Tuesday by U.S. magazine Foreign Affairs.

Pyongyang faces a wide range of U.S. and international sanctions that followed its nuclear and missile tests.

"We know that North Korea uses cyber enabled tactics and techniques to steal currency, which it would otherwise be denied under international sanctions," Brig. Gen. Joe Hartman, Cyber National Mission Force commander, said, according to the joint alert issued Wednesday.

The U.S. Army earlier estimated North Korea to maintain as many as 6,000 trained hackers, many of whom are believed to be based in other countries such as China and India.

"Today's alert adds to a large and still growing list of malicious cyber activity by North Korean state actors and should not be understated," said the alert.


Send Feedback
How can we improve?
Thanks for your feedback!