North Korean hackers behind cyber-attacks against Mexican banks

According to cyber-security firm FireEye, a North Korean group called APT38 was behind the attacks
North Korean hackers behind cyber-attacks against Mexican banks
Some of the APT38’s most famous attacks were made on the TP Bank in Vietnam on December 2015 and the Bangladesh Bank, on February 2016 - Photo: File photo/EL UNIVERSAL
04/10/2018
19:11
Antonio Hernández
Mexico City
-A +A

According to the United States Cyber-Security Firm FireEye, the hacking attacks perpetrated last January against Mexico’s National Bank for Foreign Trade (BANCOMEXT), which generated losses for over 110 million dollars, was perpetrated by a Korean group called APT38.

A document issued by the Cyber-Security Firm called “APT38 Unusual Suspects,” the cyber-criminal group aims to obtain resources for the North Korean regime led by Kim Jong-un.

Last May, EL UNIVERSAL informed that the hacking conducted against BANCOMEXT had only been a rehearsal to organize a much larger cyber attack on the connection of five financial institutions to the Interbank Electronic Payments System (SPEI) at the end of April, which caused losses of at least MXN$300 million, according to information provided by the Bank of Mexico (BANXICO).

FireEye’s investigation pointed out that the Korean attackers had breached at least 16 financial institutions in 11 countries and attempted to steal a total of around 1.1 billion dollars through sophisticated hacking strategies.

“Not only do they forcefully gain access and conduct operations to transfer funds in a very short period of time, the APT38 is also thought to work like an espionage operation, conducting thorough surveillance strategies within the compromised financial institutions and balancing their financially motivated goals with data collection from the systems at hand,” the document states.

In January 2018, BANCOMEXT revealed that an attack had been made on their servers, paralyzing their operation for several days. Information from the bank itself allowed authorities to stop the transfer of resources that the cyber-criminals had engaged in.

Some of the APT38’s most famous attacks were made on the TP Bank in Vietnam on December 2015; the Bangladesh Bank, February 2016; the Far Eastern International Bank in Taiwan during the month of October 2017, and the Bank of Chile, on May 2016.

FireEye’s report explained that on August 2018, the attacks were focused on Cosmos Bank in India, where hackers used fake transactions at ATMs by using the SWIFT transfer system. On said occasion, individual account owners were used for the attack, as well as money laundering activities.

The document added that the ATP38 attacks had focused on banks and financial institutions at least since 2014.
 

Artículo

Mexico Central Bank to create cybersecurity unit

Banxico disclosed that it was creating a cybersecurity unit, following a hack on a domestic payments system at the end of April that affected Mexican banks
Mexico Central Bank to create cybersecurity unitMexico Central Bank to create cybersecurity unit

dm

INFORMACIÓN RELACIONADA

Mantente al día con el boletín de El Universal

 

COMENTARIOS