back to article 'Desperate' North Korea turns to bank hacking sprees to rake in much-needed dosh

Hackers backed by the North Korea government are attempting to ransack foreign banks to raise funds for the cash-strapped hermit nation. Researchers at FireEye say that a gang dubbed APT38* are trying to pull off a billion-dollar money grab, and are working separate from the infamous Nork-sponsored Lazarus group. According to …

  1. Tigra 07 Silver badge
    Thumb Up

    For anyone who isn't familiar with the 2016 Bank of Bangladesh heist look it up on Youtube. Absolutely fascinating how they managed it and timed everything, including taking the printers down at the same time. It sounds as sophisticated as an Oceans Eleven heist.

    That's not a thumbs up, it's a concealed nuke from the Supreme Leader...

    1. Anonymous Coward
      Anonymous Coward

      'Sophisticated as an Oceans Eleven heist'

      Or just cost-cutting complacency, bad planning, assumptions:

      http://www.reuters.com/article/us-usa-fed-bangladesh-idUSKCN0XI1UO

      1. bombastic bob Silver badge
        Pirate

        "That's where the money is"

        I believe it was Willie Sutton who was reported to have said something like what's in the title, in response to "why do you rob banks". [some research suggests that the news reporter might have imbellished a bit]

        from the article: "Why the use of such sophisticated and intricate operations just to attack banks?"

        (see title)

  2. macjules Silver badge
    Facepalm

    Bad actors?

    a sustained attack by a team of bad actors

    I have a vision of out of work North Korean hams who signed up for hacking duties after their last flop.

  3. Anonymous Coward
    Anonymous Coward

    There's a stupid, fat, paranoid, evil dictator at work here.

    And he obviously didn't promise Kim Jong-un enough aid when they met recently.

    1. Mark 85 Silver badge

      Re: There's a stupid, fat, paranoid, evil dictator at work here.

      But, the news says they're "in love".

    2. bombastic bob Silver badge
      Trollface

      Re: There's a stupid, fat, paranoid, evil dictator at work here.

      Kim Jong Un as Cartman from South Park - RESPECT MY AUTHORITAH!

      At least he's not launching rockets over Japan, or blowing up mountains.

  4. ForthIsNotDead Silver badge

    Interesting...

    I'm unable to find any credible evidence online that points to the involvement of North Korea. There might be good reasons for that, of course. However, I'm left wondering if "North Korea" is becoming the de-facto excuse to levy when there's no suspects whatsoever. After all, "North Korea" sounds much better than "No fucking clue who did it".

    1. Anonymous Coward
      Anonymous Coward

      Re: Interesting...

      Neither can I. Then again, I'm only looking on Kwangmyong.

    2. Version 1.0 Silver badge

      Re: Interesting...

      "no evidence" - really? The country has been hit with sanctions for years now and yet has managed to build nuclear bombs and intercontinental missiles ... how would you fund that kind of development with their economy if you didn't have a lot of money pouring in under the table?

      1. Walter Bishop Silver badge
        Facepalm

        Re: Interesting...

        @Version 1.0: "how would you fund that kind of development with their economy if you didn't have a lot of money pouring in under the table?"

        Through the use of plain old fashioned fraud rather than having to hire on script kiddies. Your best bet is to target the UN or NGOs. Or in this part of the world, facilitate money laundering for the drug cartels. Did you know it isn't a legal requirement for the major financial institutions to report large movements of currency through their books. This as a results of a law passed some time back in the middle of the 'war on drugs'.

    3. netminder

      Re: Interesting...

      Maybe news is slow getting to Saint Petersburg.

      Determining the source is a complex analysis of the code used, the C&C systems used and previous behavior. It takes time so ignore the early guesses but work done by reputable organizations over time are very accurate.

    4. Robert Helpmann?? Silver badge
      FAIL

      Re: Interesting...

      I'm unable to find any credible evidence online that points to the involvement of North Korea.

      Try looking.

  5. amanfromMars 1 Silver badge

    FTFY Shaun Nichols in San Franciso

    The group specialises in extracting huge sums of cash from banks via the SWIFT transaction system, often using sophisticated attacking tools that had previously been reserved for attacks by governments on espionage operations.

    APT ...* In infosec terms, an acronym for "advanced persistent threat" - a sustained attack by a team of great actors on a network/s which remains undetected for a long period of time, sometimes years (usually well-funded, sometimes by a state, so the group can remain, er, "persistent").

    And becoming ever more popular as an effective means of attacking oppressive regimes.

    1. ivan5

      Re: FTFY Shaun Nichols in San Franciso

      often using sophisticated attacking tools that had previously been reserved for attacks by governments on espionage operations.

      Has the NSA had its budget cut?

  6. Tikimon Silver badge
    Pirate

    You have seen the future, and it is Now

    This is going to spread, folks. The Norks have shown the way. Can't keep your country afloat on taxes and commerce? Simply steal the cash from another country! Very soon, another cash-strapped country will start doing this, maybe Burma or Venezuela... someone always follows. One or two more, then everyone piles in. Eventually, affluent countries will find reasons to do it as well, possibly to "recover stolen funds".

    It's the old story since humans first threw rocks at each other. Make it difficult enough for your enemy to attack you and they will find a new way to do it. Land wars are expensive and messy. Electronic wars destroy nothing compared to bombing, kill nobody, cost less than one fighter plane's load of missiles and can be totally deniable. It's too good to pass up for long.

    World War III will be financial, so to speak. Given the lack of physical borders with armies fighting for land, there will be little reason to form strong alliances. The ones that form will be transient and rather limited. I could be wrong, but I expect a free for all of state-sponsored finance hacking within a decade or so.

    Free opinions, worth every cent!

    1. Jamie Jones Silver badge
      Flame

      Re: You have seen the future, and it is Now

      Well, it's one way we can mitigate brexit.....

  7. dmacleo

    this applies to the son also ...

    https://www.youtube.com/watch?v=UEaKX9YYHiQ&t=90s

  8. Thrudd
    Facepalm

    So how?

    With all the sanctions why hasn't their connection to communications not been cut down to a single copper pair?

    Can't hack if you dont have connectivity.

    I think Blizzard won't weep too much on losing their one and only NK subscriber.

    1. Mark 85 Silver badge

      Re: So how?

      With all the sanctions why hasn't their connection to communications not been cut down to a single copper pair?

      Their connections are via China. Good luck trying to shut that down.

      1. Andrew Moore Silver badge

        Re: So how?

        Also, a lot of the hacking is done by the agents in the field, rather than in North Korea.

  9. Joe Montana

    Who?

    False flag operations are also very easy to conduct, and it's easy to blame north korea, or russia, or china, or whoever else is enemy of the day.

    Economic sanctions don't generally hurt a regime, they hurt the innocent people. There will always be black markets willing to sell goods for them, but keeping the country cut off from the world is actually doing the regime a favour. Their local propaganda can blame sanctions for hurting the country and its people and the sanctions themselves restrict the flow of any information which might contradict the official line of the regime.

    1. DougS Silver badge

      Re: Who?

      The black markets require money though, and that's what North Korea is extremely short on and need to steal to be able to buy off the black market. It isn't as though they're going to accept North Korean currency with Dear Leader's face plastered on it. They will want dollars, euros or yuan. Or maybe bitcoin.

      1. Mark 85 Silver badge

        Re: Who?

        The black markets require money though, and that's what North Korea is extremely short on and need to steal to be able to buy off the black market.

        NK wants nukes and the tech isn't cheap. Dear Leader wants his nice (expensive) cars, etc. The citizens need food. At some point, this house of cards will fail.

        1. DougS Silver badge

          Re: Who?

          North Korea HAS nukes and missiles capable of reaching just about anywhere on the planet, so it is debatable whether they need to continue spending money to further develop those capabilities. They've demonstrated them, the world knows they have them, what's the point of developing MIRVs or whatever would be next?

          It is all the other stuff they need, and the fact they have little that anyone else wants (and that they have no land routes to countries other than China and Russia and a minimal shipping industry) One of their major exports is coal, but China has canceled a lot of new coal plants since wind and solar are becoming cheaper (and will continue to become cheaper, while coal won't) so North Korea may be having trouble selling that coal to China.

          Still, it is in China's interest to do just enough trade with North Korea to prop up the dictatorship, because they don't want the government to collapse and have millions of starving people streaming across the border.

          1. David Roberts Silver badge

            Re: Who?

            I think China is less worried about refugees and more worried about S. Korea uniting with the North and moving their border up to China.

            Useful to have an authoritarian buffer zone on your border.

    2. bombastic bob Silver badge
      Childcatcher

      Re: Who?

      economic sanctions are better than warfare. less damage all around

      just sayin' [icon obvious]

  10. Anonymous Coward
    Anonymous Coward

    What? More evidence free allegations of state sponsored hacking from FireEye? They need a new marketing manager.

  11. Anonymous Coward
    Anonymous Coward

    Lil' Kim sting

    While he has you looking the other way, Kim will be going thru your wallet.

    Trump better keep his pants on.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019