Kaspersky Lab released the results of its investigation into the notorious hacking group known as Lazarus — the same group that is believed to be behind the theft of $81 million from the Central Bank of Bangladesh last year.
Through its research and forensic analysis, Kaspersky Lab discovered how the group operates and gained insight into the malicious tools it uses in order to steal large sums of money from financial institutions.
In what is still considered one of the largest and most successful cyberheists ever, hackers breached Bangladesh Bank’s systems and then used the SWIFT messaging network to order the transfer of $1 billion from its account at the New York Federal Reserve Bank last February.
According to The Wall Street Journal, the case being built by U.S. prosecutors accuses both North Korea of directing the heist and Chinese middlemen of being critical to carrying it out.
An FBI official stationed in the Philippines said the theft was a “state-sponsored” job.
Lamont Siller, the legal attaché at the U.S. embassy, offered no further explanation of his remarks — but they have been taken to indicate that U.S. authorities are zeroing in on those who were behind one of the world’s largest and most successful cyberheists.
“We all know the Bangladesh Bank heist; this is just one example of a state-sponsored attack that was done on the banking sector,” Siller told a cybersecurity forum.
Kaspersky Lab researchers were able to reconstruct how the group carries out an attack using the following steps: initial compromise, foothold established, internal reconnaissance and then deliver and steal.
Though the Lazarus group has been relatively quiet in recent months, the industry has been instructed to remain on high alert.
“We’re sure they’ll come back soon. In all, attacks like the ones conducted by Lazarus group show that a minor misconfiguration may result in a major security breach, which can potentially cost a targeted business hundreds of millions of dollars in loss,” Vitaly Kamluk, head of the Global Research and Analysis Team APAC at Kaspersky Lab, said in a press release. “We hope that chief executives from banks, casinos and investment companies around the world will become wary of the name Lazarus.”