Advanced Threat Protection

Expand all | Collapse all

FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

  • 1.  FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

    Posted 08-26-2020 10:53 PM
    Hi,

    Is Symantec/Broadcom aware of the recently reported of US CISA regarding on FASTCash 2.0 of North Korea's BeagleBoyz Attack? Please see link below.

    HIDDEN COBRA - FASTCash Campaign | CISA
    Cisa remove preview
    HIDDEN COBRA - FASTCash Campaign | CISA
    Since at least late 2016, HIDDEN COBRA actors have used FASTCash tactics to target banks in Africa and Asia. At the time of this TA's publication, the U.S. Government has not confirmed any FASTCash incidents affecting institutions within the United States.FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions.
    View this on Cisa >


    Is there related article or detection for this? This quite alarming specially on clients under Financial Institution. Please help me in spreading this news so that Symantec can take action for it.

    Many Thanks.

    Regards,
    Chaggy

    ------------------------------
    Shellsoft Technology Corporation
    ------------------------------


  • 2.  RE: FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks

    Posted 08-31-2020 06:05 AM
    This is pretty disturbing news. Banks and financial institutions must be very careful about it and continuously asses their hosting providers. According to Forbes "

    When an attack is underway-especially a DDoS attack-it is often to divert the call center's and IT team's attention away from monitoring the real attack, which is external transfers and wire requests to new beneficiaries", which means that the IT team must be very careful. Also not only the banks but also other companies must be harmed from the attacks. Recently one of my friends who were running a real estate business in Europe based on selling luxury houses in Greece mentioned that they were suspecting such attack.