North Korea has been linked to a string of recent digital bank hacks in southeast Asia that resulted in the theft of millions of dollars in Bangladesh, security researchers said Thursday.
Researchers at the cybersecurity company Symantec Corp found the string of code that was used in three recent banks heists in Asia was the same type used to hack into Sony Pictures in 2014 and South Korea in 2013. The FBI later blamed those cyberattacks on the North Korean government.
"There is a pretty hard connection now to the Sony attacks and the actor behind them" and the Bangladesh heist, Eric Chien, technical director at Symantec, told Reuters.
The Symantec researchers wrote in a blog post Thursday that the code used to hack into Bangladesh's central bank and steal more than $80 million in February was the same type of code used to hack into banks in the Philippines and Vietnam. The attackers gained access to SWIFT, the network used by many international banks to exchange money and widely seen as the most secure global payment system.
Earlier this week, SWIFT warned banks around the world to increase security precautions due to the digital heists. The Bangladesh Bank hack was a "watershed event for the banking industry," SWIFT spokesperson Natasha de Teran said, adding that it was "not an isolated incident." But SWIFT has not named the culprit for the attacks, only that they were looking into other possible victims of fraud.
Symantec found that the attackers are linked to the hacking group Lazerus, which has carried out destructive cyber attacks, mostly on US and South Korean targets, since 2009.
If North Korea was responsible for the hacks on banks via the SWIFT messaging network, it would represent the first time a country has stolen money in a cyber attack, Chien said.
The hackers attempted to take $1 billion from the Bangladesh Bank but only managed to escape with $81 million, after authorities at the Federal Reserve Bank of New York noticed suspicious activity involving the transfers. There was also an attempt to steal more than $1 million from the Tien Phong Bank in Vietnam in December.
The Philippines central bank's deputy governor, Nestor Espenilla, told Reuters that no bank in the country had lost money to hackers, although he did not rule out the possibility of cyber attacks.
"We are checking if there are similar attacks on Philippine banks," Espenilla said. "However, no reported losses so far."
He added, "It is one thing to be attacked. It is another to lose money."