NEW YORK (AP) — Cybersecurity researchers say North Korea might be connected to a recent attack that resulted in the theft of over $100 million from the Bangladeshi central bank and the attempted thefts of millions more from other Asian banks.
If the finding holds up, the attacks would amount to a new strategy for the rogue nation, whose state-sponsored efforts have been have long been motivated by politics, not money.
Security researchers at Symantec say that the malware used in February to steal $101 million from the Bangladeshi bank's account in the Federal Reserve Bank of New York is similar to that used in the past by a group known as "Lazarus."
That group has been linked to a string of hackings largely focused on U.S. and South Korean targets dating back to 2009. That includes the crippling 2014 hack of Sony Pictures, which the FBI has blamed on the North Korean government . North Korea denied the allegation.
According to the Symantec research, the malware's rare code also showed up in the October 2015 hack of a bank in the Philippines and another of a Vietnamese bank about two months later, tying both to the breach of the Bangladesh bank.
Earlier this month, the global money-transfer coordinator Swift reported a new cyberattack against another unnamed bank. Swift said the attack was part of a coordinated campaign following the theft from the Bangladesh bank.
While Swift didn't say if any money had been stolen, it did say that the attack allowed for the transfer of money and the tampering of bank documents.
It also emphasized that its own system, which connects more than 11,000 banking and securities organizations as well as other clients moving billions each year, had not been compromised by the malware.
Follow Bree Fowler at https://twitter.com/APBreeFowler. Her work can be found at http://bigstory.ap.org/author/bree-fowler.