The Lazarus cyber criminal group appears to be behind a spate of custom malware attacks
Banks in 31 countries have been attacked by an aggressive malware campaign from the infamous Lazarus cyber criminal gang, according to threat data from Symantec.
The spate of attacks came to light when a Polish bank discovered unknown malware running on a clutch of its computers bearing indicators of compromise seen with malware used to attack other financial institutions, telecoms and Internet firms across the globe.
The code string in the malware are similar to those used by the Lazarus hacker group, notorious for a host of attacks since 2009 against targets in the US and South Korea, including the high-profile cyber attack on Sony Pictures and the theft of $81 million (£647m) from the Bangladesh Bank’s US Federal Reserve.
“Analysis of the malware is still underway. Some code strings seen in the malware used shares commonalities with code from malware used by the threat group known as Lazarus,” said Symantec’s security response team.
Symantec said the source of the Polish bank attack appears to have been the website of the Polish financial regulator, which was compromised in order to redirect visitors to a site containing a custom exploit kit that attempted to install malware on targeted computers with IP addressees from a list of 150 that belong to 104 different organisations in 31 countries.
The cyber security firm reported it has since blocked attempts to infect systems in Poland, Mexico and Uruguay since last October.
The targeted nature of the exploit kit indicates that it is no mere chaos causing malware but one that looks to steal money from lucrative targets once they are infected with malware.
“Further investigation of these attacks is underway and, over time, more evidence may emerge about the identity and motives of the attackers. After a series of high profile attacks on banks during 2016, this latest incident provides a timely reminder of the growing range of threats facing financial institutions,” said Symantec.
With the rise of such attacks against banks, it is no surprise firms like BT are offering ethical hacking services to help such financial institutions find holes in their infrastructure and move to shore up their cyber security.
How much do you know about hackers? Take our quiz!