Hackers in North Korea have stolen millions of dollars from ATMs worldwide
This spate of ATM attacks uses a sophisticated Trojan malware dubbed “Trojan.Fastcash.”
A hacking group with ties to the North Korean government has been linked to the theft of tens of millions of dollars of ATM cash across Asia and Africa.
The links were published in a recent report from the cybersecurity firm Symantec. The group of hackers is known as Lazarus, and you might remember that they were behind the Sony Pictures hack that leaked the film The Interview, a comedy set in North Korea.
Since then, their hacks have turned to financial gain, including the theft of $81 million in 2016’s Bangladesh Bank robbery and the widely publicized WannaCry ransomware attacks that affected millions of computers. That ransomware locked users’ computers down by encrypting all the files, promising to decrypt them only if the user sent $300 of Bitcoin to a wallet address. The warning given to users was that all the files would be deleted in seven days if the ransom was not paid.
More information regarding the recent hacks
This spate of ATM attacks uses a sophisticated Trojan malware dubbed “Trojan.Fastcash” that infects the servers that control the ATMs, allowing the attackers to intercept their own transaction requests and withdraw cash.
These and similar ATM attacks have been raising alarms since late 2016, spurring Homeland Security’s Computer Emergency Readiness Team (US-CERT) to issue a warning last month. The scale of these attacks is staggering: in one event in 2017, cash was withdrawn from ATMs in 30 countries simultaneously, and another earlier this year was spread over 23 countries.
It’s worth mentioning that Symantec says every FASTCash attack so far has taken advantage of servers running unsupported versions of the AIX operating system, which would suggest that patches have been issued to fix the vulnerabilities used by the hacking groups.