Security investigators linked thefts from banks in Asia, including the $81 million stolen from the central bank of Bangladesh in February, to a hacking group in North Korea.
The research firm Symantec has been looking into the Bangladesh bank heist, and on Thursday it posted on its blog that a similar code used to steal Bangladesh’s millions was also used to hack a bank in the Philippines, as well as a failed attempt on a bank in Vietnam last year. The code, Symantec said, has also been linked to the 2014 hack of Sony Pictures’s emails.
Investigators say the malware the thieves used shared similarities to the code used by a hacking group known as Lazarus. The FBI has linked this group to the Sony hacks, and those hacks to North Korea. That group has also been tied to attacks as far back as 2009, which mainly focused on the U.S. and South Korea, but it is also believed to be responsible for hacks on countries all over the world, such as the $12 million stolen from an Ecuadoran bank last year.
The way hackers broke into the banks was by infiltrating the industry’s global messaging system, SWIFT. The system is run by the world’s largest banks, is based in Brussels, and prides itself on security.