A graphic included in the United Nations report on North Korea evading Security Council sanctions shows how the hackers stole $13.5 million from the Cosmos Bank.

N.Korean cyberattack looted $13.5mn from Indian bank

March 29, 2019
··

Starved for foreign funds due to UN sanctions, North Korea carried out a $13.5 million cyber heist of Cosmos Bank using a network across 28 countries by breaking its internal safety measures, according to the world body…writes Arul Louis

A graphic included in the United Nations report on North Korea evading Security Council sanctions shows how the hackers stole $13.5 million from the Cosmos Bank.

The Security Council’s panel of experts that monitors the sanctions on North Korea said the cyberattack in August last year was carried out “by an advanced persistent threat group” from that country.

“In August 2018, about $13.5 million was withdrawn from Cosmos Bank in India in more than 14,000 simultaneous automatic teller machine (ATM) withdrawals in 28 countries, as well as in additional transfers to an account belonging to a Hong Kong-based company,” the report said.

The report by the panel of experts headed by Hugh Griffiths was released earlier this month by Council President Francois Delattre.

“The Cosmos attack was a more advanced, well-planned and highly coordinated operation that bypassed three main layers of defence contained in International Criminal Police Organization (INTERPOL) banking/ATM attack mitigation guidance,” the report said.

Outlining the North Korean tactic, it said, “Not only were the actors able to compromise the SWIFT network in the Cosmos case to transfer the funds to other accounts, but they simultaneously compromised internal bank processes to bypass transaction verification procedures and order worldwide transfers to almost 30 countries where funds were physically withdrawn by individuals in more than 10,000 separate transactions over a weekend.”

SWIFT, which stands for Society for Worldwide Interbank Financial Transaction code, identifies banks for international financial transactions.

The transfers to the Hong Kong-based company’s account were made using SWIFT, the report said.

The report quoted a UN member country as saying that North Korea was using cyberspace for undercover operations “to acquire funds through a variety of measures in order to circumvent the sanctions”.

The US has charged North Korean hacker Park Jin Hyok, who was a member of the hacking organisation known as the Lazarus Group and is also linked to North Korea’s Reconnaissance General Bureau, according to the UN report.

He is charged with engaging in “wide-ranging, multi-year conspiracy to conduct computer intrusions and commit wire fraud” on behalf of North Korea.

The report said that according to the US, Park “has travelled to China in the past and conducted legitimate IT (information technology) work under the front company ‘Chosun Expo’ or the Korean Expo Joint Venture”.

The report said that Park and his associates were also responsible for “fraudulent transfer of $81 million from Bangladesh Bank,” according to the US.

Banco de Chile was also targeted and lost $10 million, the report said.

admin

Previous Story

Brexit: Vote only on withdrawal agreement

Next Story

NZ remembers mosque attack victims

Latest from ASIA NEWS

UN urges investments in Syria

Rebuilding Syria requires not only emergency relief but sustained investment in basic services, economic recovery, and stability, says UN Office in Syria.

Khamenei threatens more strikes

Iran’s supreme leader rebukes Trump’s ‘surrender’ remark, warns of repeat attacks on US bases and Israeli targets. In his first public appearance

Iran Suspends IAEA Cooperation

The decision followed the recent US strikes on three Iranian nuclear sites …reports Asian Lite News The Iranian Parliament on Wednesday overwhelmingly