Dozens Of Cyber Attacks Against Global Banks Linked To Lazarus Hacker Group

Banks in 31 countries have been attacked by an aggressive malware campaign from the infamous Lazarus cyber criminal gang, according to threat data from Symantec.

The spate of attacks came to light when a Polish bank discovered unknown malware running on a clutch of its computers bearing indicators of compromise seen with malware used to attack other financial institutions, telecoms and Internet firms across the globe.

The code string in the malware are similar to those used by the Lazarus hacker group, notorious for a host of attacks since 2009 against targets in the US and South Korea, including the high-profile cyber attack on Sony Pictures and the theft of $81 million (£64.7m) from the Bangladesh Bank’s US Federal Reserve.

“Analysis of the malware is still underway. Some code strings seen in the malware used shares commonalities with code from malware used by the threat group known as Lazarus,” said Symantec’s security response team.

Lazarus rising

Symantec said the source of the Polish bank attack appears to have been the website of the Polish financial regulator, which was compromised in order to redirect visitors to a site containing a custom exploit kit that attempted to install malware on targeted computers with IP addressees from a list of 150 that belong to 104 different organisations in 31 countries.

The cyber security firm reported it has since blocked attempts to infect systems in Poland, Mexico and Uruguay since last October.

The targeted nature of the exploit kit indicates that it is no mere chaos causing malware but one that looks to steal money from lucrative targets once they are infected with malware.

“Further investigation of these attacks is underway and, over time, more evidence may emerge about the identity and motives of the attackers. After a series of high profile attacks on banks during 2016, this latest incident provides a timely reminder of the growing range of threats facing financial institutions,” said Symantec.

With the rise of such attacks against banks, it is no surprise firms like BT are offering ethical hacking services to help such financial institutions find holes in their infrastructure and move to shore up their cyber security.

How much do you know about hackers? Take our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Twitter To Hide Tweets That Share False Information During A Crisis

Potentially risking Elon's wrath over free speech, Twitter says it will hide tweets spreading misinformation…

13 hours ago

Boeing Starliner Test Flight Readied For Tonight

Third time the charm? Main rival to SpaceX's Dragon capsule, the embattled Boeing Starliner spacecraft,…

15 hours ago

September 13 Slated For iPhone 14 Launch – Report

No surprise there. Apple is slated to launch the iPhone 14 on 13 September according…

17 hours ago

Texas Social Media Law Battle Heads To Supreme Court

Battle between Texas and social networking giants reaches US Supreme Court, and it could decide…

18 hours ago

UK Can Legally Launch Cyberattacks Against Hostile Nations, Says AG

Chief legal advisor to government says UK can legally launch cyberattacks against hostile nations, and…

22 hours ago