U.S. Department of the Treasury’s declare sanctions targeting three North Korean state-sponsored hacker group responsible for attacking Critical Infrastructure.
Office of Foreign Assets Control (OFAC) identified that three hacking groups namely “Lazarus Group,” “Bluenoroff,” and “Andariel” are controlled by North Korea’s primary intelligence bureau.
These groups are known for conducting large scale attack targeting government, military, financial, manufacturing, publishing, media, entertainment, and international shipping companies, as well as critical infrastructure
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.
The Lazarus Group was created as early as 2007, the group involved in massive hack attacks such as 2014 attack on Sony and WannaCry ransomware attack which affected more than 150 countries.
The group also responsible for 2016 Bangladeshi bank attacks and they illegally transfer US $81 Million by placing a custom malware in bank servers.
A subgroup of Lazarus Group dubbed Bluenoroff created the North Korean government to earn revenue illegally by attacking financial institutions and banks.
The Bluenoroff group work together with Lazarus Group and conducted attacks targeting more than 16 organizations across 11 countries including SWIFT messaging system and cryptocurrency exchanges.
The second sub-group of Lazarus Group is Andariel, it was spotted first on 2015 and it conducts malicious activities targeting foreign businesses, government agencies, financial services infrastructure, private corporations, and businesses, as well as the defense industry.
Andariel group focuses on stealing payment cards and hacking into ATMs to withdraw cash and to steal customer information.
“According to industry and press reporting, these three state-sponsored hacking groups likely stole around $571 million in cryptocurrency alone, from five exchanges in Asia between January 2017 and September 2018.”
OFAC blocked all property and interests in property of these entities within the control of united states and prohibits U.S. citizens from doing any business with these groups.
“Treasury is taking action against North Korean hacking groups that have been perpetrating cyberattacks to support illicit weapon and missile programs,” said Sigal Mandelker, Treasury Under Secretary for Terrorism and Financial Intelligence.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…