DubaiPRNetwork.com is an Online Press Release from Dubai and Middle East

Business & Economy

  

United Arab Emirates, August 27, 2020: CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the North Korean government in an ATM cash-out scheme—referred to by the U.S. Government as “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks.” According to the alert, North Korea’s widespread international bank robbery scheme that exploits critical banking systems may erode confidence in those systems and presents risks to financial institutions across the world.
 
BeagleBoyz have attempted to steal nearly $2 billion since at least 2015, according to public estimates. Equally concerning, these malicious actors have manipulated and, at times, rendered inoperable, critical computer systems at banks and other financial institutions. 
 
Please find below the statement from Fred Plan, Senior Analyst, Mandiant Threat Intelligence, FireEye:
 
Mandiant Threat Intelligence tracks multiple groups conducting financially-motivated operations on behalf of the North Korean regime, most likely as part of a larger effort to develop revenue streams circumventing U.N. sanctions. The “FastCash 2.0” report focuses on the novel targeting of ATMs, overlapping with bank intrusion activities and previously known APT38 activity, although we cannot confirm that the FastCash tactics are specifically attributable to or unique to APT38. The group maintains and develops a robust suite of malware families specifically designed to target the banking industry and its peripheries. We have reported on several of the malware families included in the report, including the malware identified as “CROWDEDFLOUNDER”, which we track as CHEESETRAY, a robust proxy-aware backdoor that can operate in both an active and passive mode which we have observed in APT38 bank intrusion activity. We track the tunneler “ELECTRICFISH” under the moniker FULLHOUSE, which is a command-line TCP tunneling tool that supports basic and NTLM proxy authentication. However, we have only observed the malware identified as “HOPLIGHT”, which we track as HANGMAN, being leveraged by TEMP.Hermit. The tool’s reported use in activity directly targeting banks highlights how financially-motivated North Korean operations share malware code and other development resources with cyber espionage groups sponsored by the regime. - Fred Plan, Senior Analyst, Mandiant Threat Intelligence, FireEye
 

 

Posted by : DubaiPRNetwork.com Editorial Team
PR Category : Business & Economy
Posted on : Thursday, August 27, 2020 1:34:00 PM UAE local time (GMT+4)

 