Skip to main content
close search
site logo
Dive Brief

Kaspersky: Lazarus launched global cyberattacks across sectors, hacking group still active

Published April 4, 2017
By
Contributing Editor
Dollar Photo Club

Dive Brief:

  • Kaspersky Lab recently completed a year-long investigation into Lazarus, the hacking group allegedly responsible for the theft of $81 million from the Central Bank of Bangladesh in 2016, which is widely considered to be the largest cyber heist ever.

  • Kaspersky said it "gained a deep understanding of what malicious tools the group uses and how it operates," which allowed the company to interrupt two "potential" Lazarus operations attempting to steal large amounts of money from financial institutions, according to an announcement.

  • Malware samples linked to Lazarus appeared in financial institutions, casinos, software developers for investment companies and crypto-currency businesses in countries across the world beginning in 2015, according to Kaspersky. The countries included Korea, Bangladesh, India, Vietnam, Poland and Iraq, to name a few. The latest samples were detected in March 2017, indicating that the group is still active.

Dive Insight:

The report illustrates how Lazarus instigated complex, long-lasting attacks starting when a single system inside a bank was breached with remotely accessible code or through a watering hole attack. The attacks show how a simple breach can grow into something much bigger and more damaging at the hands of a group of sophisticated hackers.

Though Lazarus was extremely good at erasing its tracks, Kaspersky did find at least one serious mistake wherein the group left clues behind, which ultimately allowed Kaspersky to stop the group a number of times as it pursued other attacks. However, Lazarus also adapts and learns from its mistakes quickly, indicating there may be much more to come from the group.

Researchers previously established links between Lazarus and 1,000 malicious file samples and connected the group to DDoS attacks against major organizations in South Korea and the U.S., including government, media, military, aerospace, financial and critical infrastructure groups. Lazarus was also linked to the attack on Sony Pictures, which cost that company an estimated $35 million in IT repairs.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Revenera Monetization Monitor 2025: Product Usage Insights Drive Better Roadmaps
From Revenera
November 25, 2024
PointFive is Apparently the Hottest Cloud Startup, Here is Why
From Jordan Mitchell
November 21, 2024
Legion Technologies Partners with Vail Resorts to Expand Workforce Management Across 37 Resort…
From Legion Technologies
November 19, 2024
Newgen and Fadata Join Forces to Optimize Insurance Content Management
From Newgen Software
November 13, 2024
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2024 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.