Security & Fraud

Kaspersky Lab Hunts Down Infamous Lazarus Hackers

kaspersky lab investigates lazarus

Kaspersky Lab released the results of its investigation into the notorious hacking group known as Lazarus — the same group that is believed to be behind the theft of $81 million from the Central Bank of Bangladesh last year.

Through its research and forensic analysis, Kaspersky Lab discovered how the group operates and gained insight into the malicious tools it uses in order to steal large sums of money from financial institutions.

Still considered one of the largest and most successful cyberheists ever, hackers breached Bangladesh Bank’s systems and then used the SWIFT messaging network to order the transfer of $1 billion from its account at the New York Federal Reserve Bank last February.

According to The Wall Street Journal, the case being built by U.S. prosecutors both accuses North Korea of directing the heist and Chinese middlemen for being critical to carrying it out.

An FBI official stationed in the Philippines said the theft was a “state-sponsored” job.

Lamont Siller, the legal attaché at the U.S. embassy, offered no further explanation of his remarks — but they have been taken to indicate that U.S. authorities are zeroing in on those who were behind one of the world’s largest and most successful cyberheists.

“We all know the Bangladesh Bank heist; this is just one example of a state-sponsored attack that was done on the banking sector,” Siller told a cybersecurity forum.

Kaspersky Lab researchers were able to reconstruct how the group carries out an attack using the following steps: initial compromise, foothold established, internal reconnaissance and then deliver and steal.

Though the Lazarus group has been relatively quiet in recent months, the industry has been instructed to remain on high alert.

“We’re sure they’ll come back soon. In all, attacks like the ones conducted by Lazarus group show that a minor misconfiguration may result in a major security breach, which can potentially cost a targeted business hundreds of millions of dollars in loss,” Vitaly Kamluk, head of the Global Research and Analysis Team APAC at Kaspersky Lab, said in a press release. “We hope that chief executives from banks, casinos and investment companies around the world will become wary of the name Lazarus.”



Banks, corporates and even regulators now recognize the imperative to modernize — not just digitize —the infrastructures and workflows that move money and data between businesses domestically and cross-border.

Together with Visa, PYMNTS invites you to a month-long series of livestreamed programs on these issues as they reshape B2B payments. Masters of modernization share insights and answer questions during a mix of intimate fireside chats and vibrant virtual roundtables.

Click to comment