Contact Us Resources Client Support

Taiwan Heist: Lazarus Tools and Ransomware

Reports emerged just over a week ago of a new cyber-enabled bank heist in Asia.
Taiwan HeistReports emerged just over a week ago of a new cyber-enabled bank heist in Asia. Attackers targeting Far Eastern International Bank (FEIB), a commercial firm in Taiwan, moved funds from its accounts to multiple overseas beneficiaries. In a story which reminds us of the Bangladesh Bank case – the culprits had compromised the bank’s system connected to the SWIFT network and used this to perform the transfers.
 
In recent days, various malware samples have been uploaded to malware repositories which appear to originate from the intrusion. These include both known Lazarus group tools, as well as a rare ransomware variant called ‘Hermes’ which may have been used as a distraction or cover-up for the security team whilst the heist was occurring.
 
The timeline below provides an overview of the key events...
 
 
 
top
BAE Systems, Threat Research Team 16 October 2017

Related stories

Wanacrypt0r Ransomworm
Security Research
WanaCrypt0r Ransomworm
Operation Cloud Hopper
Security Research
APT10 - Operation Cloud Hopper
Lazarus Watering-hole Attacks
Security Research
Lazarus & Watering-hole Attacks
Bank Heist Money Laundering
Financial Crime
As money laundering scams go, the Bangladesh Bank heist wasn't that...
Cyber Heist Attribution
Security Research
Cyber Heist Attribution​
Two bytes to $951m
Security Research
Two bytes to $951m
ASUS blog
Security Research
Multiple vulnerabilities affecting several ASUS
Testing your defences against SQL injection
Security Research
Testing your defences against SQL injection
Cryptolocker
Security Research
A Bumper Harvest - Cryptolocker Address Book Theft
Peering into Dyre's Traffic
Security Research
Peering into Dyre's Traffic
New Mac Malware OS Malware Exploits MacKeeper
Security Research
New Mac OS Malware Exploits MacKeeper
PHP Escapeshellorg
Security Research
Security issues with using PHP's escapeshellarg