The Washington Times: Cybersecurity exerts said malware used to steal millions of dollars from the Bank of Bangladesh contains evidence suggesting the North Korean government may be responsible for that hacks and others.
Symantec and FireEye, two of the top cybersecurity firms in the United States, stated separately Thursday that whoever stole $81 million from Bangladesh’s central bank in February did so using malware similar to what was recently deployed against financial institutions in southeast Asia, including a bank in the Philippines.
Malware used in those attacks contained computer code that Symantechas previously attributed with a group hackers the security firm calls “Lazarus” — the same group blamed by the company for waging an attack in 2014 against Sony Picture Entertainment that resulted in millions of dollars of losses for the movie company.
While neither firm concluded with certainty that North Korean hackers are responsible for the recent wave of cyberattacks waged against the global financial sector, Symantec and FireEye acknowledged the similarities between malware deployed against the various banks.
Distinctive code used in multiple attacks against regional banks “means these tools can be attributed to the same group,” Symantec said in a blog post.
“If you believe North Korea was behind those attacks, then the bank attacks were also the work of North Korea,” Symantec security researcher Eric Chien told The New York Times Thursday. “We’ve never seen an attack where a nation-state has gone in and stolen money.”
