Hackers’ target Nigerian banks

Spread the love

Nigerian banks and some others in 18 countries across the globe are said to be on the radar of an international hacker syndicate allegedly being funded by hackers from North Korea.

In a report released by a Russian online cyber security firm, Kaspersky, the hacking operation — known as “Lazarus” — attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand, and Uruguay.

This report is coming after more than a year-long investigation into the activity of “Lazarus”, the hacking group allegedly responsible for the theft of $81 million in US currency from the Central Bank of Bangladesh last year.

The suggestion that North Korea could have been behind the attack, or at least involved, has added to concerns that the pariah nation is becoming bolder in its cyber-attacks against global financial institutions.

North Korea’s mysterious Lazarus hacking operation has been blamed for several large international cyber-attacks in recent years. The hackers can be traced back to North Korea, according to Kaspersky researchers. To hide their location, hackers typically launch cyber-attacks from computer servers far from home.

ALSO SEE: Nigeria loses N127billion to cybercrimes yearly

To hide their location, hackers typically launch cyber-attacks from computer servers far from home.

According to Kaspersky, the Lazarus hackers carefully routed their signal through France, South Korea and Taiwan to set up that attack server. But there was apparently one mistake spotted by Kaspersky: A connection that briefly came from North Korea.

“North Korea is a very important part of this equation,” said Vitaly Kamluk, who leads Kaspersky’s Asia-Pacific research team.

The North Korean government has reportedly denied allegations of the hack.
Kaspersky Lab itself has said that despite the evidence of the North Korean IP address, that “is not enough proof to provide definitive attribution given that the connection session could have been a false flag operation.”

Banks and security researchers have previously identified four similar cyber-heists attempted on financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam.