#AceNewsReport – Feb.19: Editor says as ‘ Governments and Bank Security Officials ‘ begin to link ‘ Cyber Heists ‘ together they begin to look at a ‘ Global Picture ‘ and the perpetrator in this case and unknown hackers disabled the City printer connected to global payments platform SWIFT on Feb. 6, preventing the bank from receiving acknowledgement messages for three fraudulent payment instruction sent that evening until the next morning: “Nobody suspected that it was an attack and thought it was a systemic network failure,” N. Kamakodi told Reuters by phone. “The system department people, everybody assembled, analyzed the problem, rebooted, they closed shop only around 10-10.30 in the night.” #AceNewsDesk reports
The next morning, bank officials managed to reconcile the previous day’s transactions and found out “three transactions which were not originated from our bank”: The bank had been able block only one of the transfers worth $500,000, while attempts were under way to retrieve the rest, he said. It first disclosed the heist on Saturday. (reut.rs/2ohQElt)……..In the case of Bangladesh Bank, hackers infected the system with malware that disabled the SWIFT printer. Bank officials in Dhaka initially assumed there was simply a printer problem. (reut.rs/2jk1W74)
The hackers stole the money from Bangladesh Bank’s account at the Federal Reserve Bank of New York using fraudulent orders on SWIFT. The money was sent to accounts at Manila-based Rizal Commercial Banking Corp and then disappeared into the casino industry in the Philippines……….Nearly two years later, there is no word on who was responsible and Bangladesh Bank has been able to retrieve only about $15 million, mostly from a Manila junket operator………“We definitely see similarities between the Bangladesh case, and the similarities are being factored into the investigation,” Kamakodi said.
City Union, a small private lender based in south India, said the three money transfer instructions were sent via correspondent banks to accounts in Dubai, Turkey and China: He said SWIFT was helping it investigate the matter, and that the hack happened despite the bank adding new security measures days before.
“It’s a cat and mouse game,” he said:
SWIFT said it did not comment on individual customers or entities:
Russia’s central bank said last week that unknown hackers stole 339.5 million rubles ($6 million) in an attack via the SWIFT international payments messaging system in Russia last year. (reut.rs/2Gl0Hxu)
($1 = 56.4 rubles) (This version of the story corrects last paragraph to say hackers stole via the SWIFT platform, not on the platform)
India bank hack ‘similar’ to $81 million Bangladesh central bank heist https://t.co/DvDzHFMQNO pic.twitter.com/R7ZqoNbi8o Reporting by Sudarshan Varadhan; Editing by Krishna N. Das and Nick Macfie
Reuters Top News February 19, 2018:
North Korea-linked hackers are attacking banks worldwide
Saint Maarten (CNN)North Korea’s hacking operations are growing and getting more bold — and increasingly targeting financial institutions worldwide.
North Korea is now being linked to attacks on banks in 18 countries, according to a new report from Russian cybersecurity firm Kaspersky.
And the stolen money is likely being spent advancing North Korea’s development of nuclear weapons, according to two international security experts.
Banks and security researchers have previously identified four similar cyber-heists attempted on financial institutions in Bangladesh, Ecuador, the Philippines and Vietnam.
But researchers at Kaspersky now say the same hacking operation — known as “Lazarus” — also attacked financial institutions in Costa Rica, Ethiopia, Gabon, India, Indonesia, Iraq, Kenya, Malaysia, Nigeria, Poland, Taiwan, Thailand, and Uruguay.
North Korea’s mysterious Lazarus hacking operation has been blamed for several large international cyberattacks in recent years.
The hackers can be traced back to North Korea, according to Kaspersky researchers.
To hide their location, hackers typically launch cyberattacks from computer servers far from home. According to Kaspersky, the Lazarus hackers carefully routed their signal through France, South Korea and Taiwan to setup that attack server.But there was apparently one mistake spotted by Kaspersky: A connection that briefly came from North Korea.
“North Korea is a very important part of this equation,” said Vitaly Kamluk, who leads Kaspersky’s Asia-Pacific research team.
Researchers disclosed their findings publicly on Monday at Kaspersky’s Security Analyst Summit, a cybersecurity conference on the Caribbean island of St. Maarten.
Kaspersky is one of the world’s top cybersecurity firms, providing popular anti-malware protection to computers at homes and companies worldwide. Its researchers are known for exposing some of the most complex global hacking operations. US law enforcement remains suspicious of the firm’s ties to the Russian government, but Kaspersky strongly denies Kremlin influence on the company’s business.
Cybersecurity firm Kaspersky denies ties to the Russian government.
North Korea’s targets have been shifting in recent years.
In 2013, when South Korea’s banks and broadcasters were attacked, that government blamed its neighbor to the north. In 2014, the US government blamed North Korea for the the hack on Sony Pictures. Clues in both cases pointed to Lazarus.
By late 2015, the Lazarus hackers shifted their attention to the global financial system, according to researchers at BAE Systems, FireEye and Symantec.
The earliest known victim was a Vietnamese commercial bank. The latest attacks, observed by Kaspersky in March, included operations attacking financial institutions in Gabon and Nigeria in Africa.
Though most of the attacks were not successful in stealing money, several were, according to Symantec.
And researchers said these hackers intend to attack major Western banks using increasingly sophisticated methods.
One recent example is a trap set at the website of Poland’s financial regulator. Hackers embedded malicious code onto that Polish website, according to BAE Systems. And they limited the infections to visitors from particular internet addresses — employees at banks.
The code showed that Lazarus hackers created a list of 150 internet addresses that served as “a hit list,” said Eric Chien, a researcher at Symantec, which issued its own warning about North Korea hacking earlier this year.
CNN ran those addresses through internet records kept by DomainTools, a cybersecurity firm. Those IP addresses belong to the World Bank, as well as the central banks of Brazil, Chile, Estonia, Mexico and Venezuela, as well as a wide range of well known global banks.
Kaspersky said its defense software has blocked more than a dozen infections from Lazarus. It’s unclear which banks were ultimately infected.
Researchers at several cybersecurity firms theorize that North Korea is attempting to build a network of infected banks to move around stolen money.
For example, millions of dollars were taken from Bangladesh’s account at the New York Federal Reserve last year and moved to Sri Lanka and a casino in the Philippines, according to investigators.
North Korea tried to funnel some of that money through one infected bank in Southeast Asia, according to a researcher at FireEye. But an emergency team at FireEye managed to block it in time.
American prosecutors in Los Angeles are now investigating the Bangladesh bank hack, a federal law enforcement source told CNN.
And the money may be going to help develop North Korea’s nuclear program.
“This is all for their nuclear weapons and missile programs. They need this money for building and researching more ballistic missiles,” said Anthony Ruggiero, a senior fellow for Foundation for Defense of Democracies who tracks North Korea’s illegal behavior.
North Korea’s secret banking
This aggressive hacking operation coincides with a global effort to block North Korea from the financial system as punishment for its nuclear program. United Nations sanctions block countries from allowing banks to do business with the tightly-controlled regime of Kim Jong Un.
But in February, a UN investigation revealed that North Korea is using a network of front companies and secret agents to access global banks. For example, North Korea used electronics and shipping companies to move millions of dollars, essentially making them financial institutions. The regime also set up several banks as subsidiaries of Chinese and Malaysian firms, masking their true ownership.
Cyber heists play a role in this illicit scheme, because stolen funds can be used to prop up those front companies, according to Sung-Yoon Lee, a Korea expert who teaches at Tufts University.
“We tend to patronize North Korea and mock them. But over the past decade, they have shown the world they are… very capable when it comes to cybercrime,” he said.
CNN’s Scott Glover contributed to this report CNN.Com
Editor says #AceNewsDesk reports & #Brittius says are provided by Sterling Publishing & Media News and all our posts, links can be found at here https://t.me/acenewsdaily and thanks for following as always appreciate every like, reblog or retweet and free help and guidance tips on your PC software or need help & guidance from our experts AcePCHelp.WordPress.Com or you can follow our breaking news posts on AceBreakingNews.WordPress.Com or become a member on Telegram https://t.me/acebreakingnews