North Korea is reportedly behind hacking group, Lazarus, which has been linked to last year’s $81 billion cyberheist aimed at Bangladesh central bank as well as 2014 attack on Sony’s Hollywood studios, according to a report by South Korea’s Financial Security Institute (FSI).
The new report by the FSI which analyzed suspected cyberattacks between 2015 and 2017 on South Korean government and commercial establishments identified another Lazarus spinoff named Andariel, Reuters reported Friday.
According to the report by Reuters, the US government has blamed Pyongyang for the Sony hacking. Prosecutors are building a case against North in the Bangladesh bank heist, the news agency quoted unnamed US officials as saying.
“Bluenoroff and Andariel share their common root, but they have different targets and motives,” the FSI report said. “Andariel focuses on attacking South Korean businesses and government agencies using methods tailored for the country.”
Cybersecurity researchers have also said they have found technical evidence that could link North Korea with the global WannaCry “ransomware” cyberattack that infected more than 300,000 computers in 150 countries in May.
The report said the North Korean hacking group Andariel has been spotted attempting to steal bank card information by hacking into automated teller machines, and then using it to withdraw cash or sell the bank information on the black market. It also created malware to hack into online poker and other gambling sites and steal cash.
One case spotted last September was an attack on the personal computer of South Korea’s defense minister as well as the ministry’s intranet to extract military operations intelligence.
North Korean hackers used IP addresses in Shenyang, China to access the Defense Ministry’s server, the report said.