Taiwan Heist: Lazarus Tools and Ransomware | BAE Systems | Cyber Security & Intelligence


Reports emerged just over a week ago of a new cyber-enabled bank heist in Asia. Attackers targeting Far Eastern International Bank (FEIB), a commercial firm in Taiwan, moved funds from its accounts to multiple overseas beneficiaries. In a story reminiscent of the Bangladesh Bank case, the culprits had compromised the bank’s system connected to the SWIFT network and used this to perform the transfers.
 
In recent days, various malware samples that appear to originate from the intrusion have been uploaded to malware repositories. These include known Lazarus group tools as well as a rare ransomware variant called ‘Hermes’, which may have been used as a distraction or cover-up for the security team whilst the heist was occurring.
 
The timeline below provides an overview of the key events...
 
 
 
BAE Systems, Threat Research Team October 16, 2017