Lazarus 'FASTCash' Bank Hackers Wield AIX Trojan

Lazarus, a North Korean hacking group, has been tied to an attack known as 'FASTCash' which they execute by breaching a bank's network and injecting a Trojan. The trojan intercepts the cash withdrawal request from Lazarus and sends a fake approval which allows the attackers to withdraw the cash. The attack is known to have been behind fraudulent withdrawals in excess of $10 million. FASTCash has been utilized since 2016 and has been targeting institutions in Asia and Africa. The attackers were exploiting outdated versions of AIX, an IBM program. It is recommended that banks ensure all systems are appropriately updated to minimize the risk of an attack.

Relevant URL(s):