Connect with us


Hackers in North Korea have stolen millions of dollars from ATMs worldwide

This spate of ATM attacks uses a sophisticated Trojan malware dubbed “Trojan.Fastcash.”

hackers north korea atms
Image: Unsplash

A hacking group with ties to the North Korean government has been linked to the theft of tens of millions of dollars of ATM cash across Asia and Africa.

The links were published in a recent report from the cybersecurity firm Symantec. The group of hackers is known as Lazarus, and you might remember that they were behind the Sony Pictures hack that leaked the film The Interview, a comedy set in North Korea.

Since then, their hacks have turned to financial gains, including the theft of $81 million in 2016’s Bangladesh Bank Robbery and the widely-publicized WannaCry ransomware attacks that affected millions of computers. That ransomware locked users computers down by encrypting all the files, promising to only unencrypt them if the user sent $300 of Bitcoin to a wallet address. The warning given to users was that all the files would be deleted in seven days if the ransom was not paid.

More information regarding the recent hacks

This spate of ATM attacks uses a sophisticated Trojan malware dubbed “Trojan.Fastcash” that infects the servers that control the ATMs, allowing them to intercept their own transaction requests and withdraw cash.

These and similar ATM attacks have been raising alarms since late 2016, spurring Homeland Security’s Computer Emergency Readiness Team (US-CERT) to issue a warning last month. The scale of these attacks is staggering, with one event in 2017 having cash withdrawn from ATMs in 30 countries simultaneously, and another one earlier this year was spread over 23 countries.

It’s worth mentioning that Symantec says every FASTCash attack so far has taken advantage of servers running unsupported versions of its AIX operating system, which would suggest that patches have been issued to fix the vulnerabilities used by the hacking groups.

Any readers out there get infected with WannaCry? Did you pay if you did, or did you just wipe the hard drives? Let us know in the comments below.

Editors’ Recommendations:

Follow us on Flipboard, Google News, or Apple News

Maker, meme-r, and unabashed geek with nearly half a decade of blogging experience at KnowTechie, SlashGear and XDA Developers. If it runs on electricity (or even if it doesn't), Joe probably has one around his office somewhere, with particular focus in gadgetry and handheld gaming. Shoot him an email at joe@knowtechie.com.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

More in News