HomeCII/OTNorth Korea Hackers Cash In Quickly with Linux Cyber Heists

North Korea Hackers Cash In Quickly with Linux Cyber Heists

Published on

spot_img

North Korean threat actors have been identified as utilizing a Linux variant of the FASTCash malware family in a financially motivated cyber campaign, according to recent reports. The FASTCash malware, initially brought to light by the US government in October 2018, was first observed in an ATM scheme orchestrated by North Korean adversaries to target banks in Africa and Asia.

Since its initial discovery, the campaign has evolved in significant ways. One notable development is its newfound ability to target banks with switch applications hosted on Windows Server, expanding its reach to interbank payment processors. While previous iterations of the malware primarily targeted systems operating on Microsoft Windows and IBM AIX, recent findings indicate a shift towards infiltrating Linux systems.

The operation of the FASTCash malware involves the modification of ISO 8583 transaction messages involved in debit and credit card transactions. By tampering with these messages, unauthorized withdrawals can be initiated, including the manipulation of declined transactions due to insufficient funds to approve and withdraw money in Turkish currency ranging from 12,000 to 30,000 lira ($350 to $875).

Researchers investigating the malware emphasize the importance of detection strategies to identify the use of specific techniques, such as process injection, which is employed to intercept transaction messages. Commercial endpoint detection and response systems, as well as open-source Linux agents, can be configured to detect the utilization of the ptrace system call associated with these activities.

In response to the growing threat posed by FASTCash and similar attacks, the Cybersecurity and Infrastructure Security Agency (CISA) has issued recommendations to enhance security measures. These recommendations include implementing chip and PIN requirements for debit cards, mandating and verifying message authentication codes for financial request response messages, and conducting authorization response cryptogram validation for chip and PIN transactions to mitigate exploitation attempts.

As cyber threats continue to evolve and become more sophisticated, organizations and financial institutions must remain vigilant in implementing robust security measures to protect against malicious actors. The utilization of advanced malware like FASTCash underscores the importance of proactive cybersecurity measures and ongoing vigilance in safeguarding sensitive financial information and transactions.

Source link

Latest articles

Dell BIOS Flaw Allows Attackers to Extract Plaintext Passwords Without Brute Force

Critical Dell BIOS Vulnerability Exposed: An Urgent Security Concern A recently surfaced vulnerability in Dell's...

KDDI Data Breach Exposes Personal Information of 12 Million Individuals

Significant Data Breach at KDDI Affects 12 Million Users in Japan In a troubling development,...

Zimbra Issues Security Update for Stored XSS Vulnerability in Classic Web Client

Zimbra Addresses Stored XSS Vulnerability with Daffodil v10.1.19 Update Zimbra, a prominent provider of collaboration...

Securing the Agentic Enterprise: An Integrated Policy Framework for Enterprise AI Security Webinar

Securing Enterprise AI: A Comprehensive Framework for Future Readiness In today's rapidly evolving technological landscape,...

More like this

Dell BIOS Flaw Allows Attackers to Extract Plaintext Passwords Without Brute Force

Critical Dell BIOS Vulnerability Exposed: An Urgent Security Concern A recently surfaced vulnerability in Dell's...

KDDI Data Breach Exposes Personal Information of 12 Million Individuals

Significant Data Breach at KDDI Affects 12 Million Users in Japan In a troubling development,...

Zimbra Issues Security Update for Stored XSS Vulnerability in Classic Web Client

Zimbra Addresses Stored XSS Vulnerability with Daffodil v10.1.19 Update Zimbra, a prominent provider of collaboration...