Tag Archive for: CashStarved

Cash-Starved North Korea Eyed in Brazen Bank Rakyat Indonesia Hack


Think Ocean’s 11—only the robbers are cash-starved, nuke-thirsty North Koreans and their weapons are keyboards, not explosives and guns.

In the latest efforts to fund Kim Jong-Un’s nuclear ambitions, hackers suspected of working for the North Korean government appear to have slithered their way into the computer networks of an Indonesian bank in an apparent attempt to pull off a megaheist to fund regime goals, The Daily Beast has learned.

It was around February of 2020 when the hackers, suspected of working for North Korea’s military intelligence agency—the Reconnaissance General Bureau (RGB)—are believed to have targeted the networks of Bank Rakyat Indonesia, cybersecurity researchers that have studied the malware culprit told The Daily Beast.

The hackers appear to have gone after the bank’s networks with custom-made North Korean malware, according to a technical report on the apparent breach obtained by The Daily Beast. It remains unclear whether the North Korean hackers were successful in stealing any money—the report doesn’t confirm with 100 percent certainty that the hackers were successful in hitting the bank and making off with the cash—but the report indicates the hackers were likely successful in running the final parts of their hacking campaign against the bank, said Adrian Nish, the head of threat intelligence at BAE Systems.

Nish added that the particular malware believed to have hit Bank Rakyat Indonesia was a “late-stage tool,” typically used after hackers have already gained access to the network and done reconnaissance on its systems.

That malware, known as “BEEFEATER,” also links the campaign to the same malware that the North Korean hackers used in another heist, in which they successfully stole millions of dollars from Bangladesh Bank, Nish told The Daily Beast.

In 2016, North Korean hackers broke into Bangladesh Bank, stealing $81 million by sending fraudulent payment orders through the Society for Worldwide Interbank Financial Telecommunication (SWIFT), a messaging system that makes bank transfers.

The North Koreans are [realizing] it’s so much more lucrative to go after the cryptocurrency exchanges.They get so much more out of it….

Source…