A Russian
online cyber security firm, Kaspersky, Thursday, alleged that North Korean
hackers are allegedly attacking banks in Nigeria and 17 other countries.
The
organisation noted in its report that this could be regarded as the biggest
bank heist in world history.
Reports said
banks and security researchers had previously identified four similar
cyber-heists attempt on financial institutions in Bangladesh, Ecuador, the
Philippines and Vietnam.
But on
Thursday, researchers at Kaspersky said the same hacking operation, known as
“Lazarus”, also attacked financial institutions in Costa Rica, Ethiopia, Gabon,
India, Indonesia, Iraq, Kenya, Malaysia, Poland, Taiwan, Thailand, Uruguay and
Nigeria.
But the
Central Bank of Nigeria has since said it was not aware of the development.
The new
report is coming after more than a year-long investigation into the activity of
“Lazarus”, the hacking group allegedly responsible for the theft of $81 million
from the Central Bank of Bangladesh last year.
The claims
that North Korea could have been behind the attack has added to concerns that
the country is becoming bolder in its cyber attacks against global financial
institutions.
CNN reports
that North Korea’s mysterious Lazarus hacking operation has been blamed for
several large international cyber attacks in recent years.
Reserchers
at Kaspersky said the hackers can be traced back to North Korea, adding that to
hide their location, hackers typically launch cyber attacks from computer
servers far from home.
The Lazarus
hackers, according to Kaspersky, carefully routed their signal through France,
South Korea and Taiwan to set up that attack server but a connection that
briefly came from North Korea was spotted by Kaspersky.
Vitaly
Kamluk, who leads Kaspersky’s Asia-Pacific research team, said, “North Korea is
a very important part of this equation,” but the North Korean government has
reportedly denied allegations of the hack.
Kaspersky
Lab has, however, said despite the evidence of the North Korean IP address, it
“is not enough proof to provide definitive attribution given that the
connection session could have been a false flag operation.”
(Premium
Times)
No comments:
Post a Comment