Cyber security firm Kaspersky Lab on Monday said it had obtained digital evidence that bolsters suspicions by some researchers that North Korea was involved in last year’s $81 million cyber heist of the Bangladesh central bank’s account at the Federal Reserve Bank of New York.
Russian-based Kaspersky released a 58-page report on Lazarus, a group linked to the heist in Bangladesh and the 2014 attack on Sony’s Hollywood studio, which the U.S. government blamed on North Korea. Among its findings, the report said Lazarus hackers made a direct connection from an IP address in North Korea to a server in Europe that was used to control systems infected by the group.
And Rick Ledgett, the deputy director of the National Security Agency, told reporters at an Aspen Institute event on March 15 that private sector research tying North Korea to the Bangladesh bank heist was strong. “If that’s true, then that says to me that the North Koreans are robbing banks,” Ledgett said. “That’s a big deal.”
The North Korean government has denied allegations of hacking made by officials in Washington and South Korea as well as security firms.Kamluk said he could not conclusively say that Pyongyang was behind the attacks because it was possible the hackers went to great effort to make it look like they were from North Korea, or that North Koreans were working with others.
The Bangladesh Bank heist was one in a string of financially motivated cyber attacks by a division of Lazarus dubbed Bluenoroff, the Kaspersky report said. Targets included banks, financial and trading companies, casinos and digital currency businesses in at least 18 nations, the report said.