North Korea’s cyber army, long considered a midlevel security threat, is quietly morphing into one of the world’s most sophisticated and dangerous hacking machines.
Over the past years, the nation’s fingerprints have appeared in an increasing number of cyberattacks, the skill level of its hackers has rapidly improved and their targets have become more worrisome.
In 2017, Kaspersky Lab published the results of the Infamous Hackers in its more-than-year-long investigation into the activity of Lazarus – a notorious hacking group.
During the forensic analysis of artefacts left by the group in South-East Asian and European banks, Kaspersky Lab has reached a deep understanding of what malicious tools the group uses and how it operates while attacking financial institutions, casinos, software developers for investment companies and crypto-currency businesses around the world. This knowledge has helped to interrupt at least two other operations which had one goal – to steal a large amount of money from financial institutions.
According to Kaspersky Lab records, from December 2015, malware samples relating to Lazarus group activity appeared in financial institutions, casinos software developers for investment companies and crypto-currency businesses in Korea, Bangladesh, India, Vietnam, Indonesia, Costa Rica, Malaysia, Poland, Iraq, Ethiopia, Kenya, Nigeria, Uruguay, Gabon, Thailand and several other countries.
The latest samples known to Kaspersky Lab were detected in March 2017, showing that attackers have no intention of stopping.
Institutions and banks in kenya have been loosing millions to hackers in the past decade.
In 2017 Kenya revenue authority lost close to Ksh4B in a deep-rooted syndicate with connections outside the country.
According to State Prosecutor Edwin Okello, the hackers have high tech equipment and software that have enabled them to steal from corporations.