US Govt Agencies Warn of North Korea's BeagleBoyz 'FASTCash 2.0'

Thursday, 27/08/2020 | 03:52 GMT by Celeste Skinner
  • CISA and other US agencies have warned that North Korean hackers are targeting ATMs again.
US Govt Agencies Warn of North Korea's BeagleBoyz 'FASTCash 2.0'
FM

The Cybersecurity and Infrastructure Security Agency (CISA) of the United States have recently published a warning on its website, alerting the public that North Korea has resumed targeting banks in what the US Government is referring to as 'FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks'.

“Since February 2020, North Korea has resumed targeting banks in multiple countries to initiate fraudulent international money transfers and ATM cash outs. The recent resurgence follows a lull in bank targeting since late 2019,” CISA published on its website on Wednesday.

In particular, the agency has published a joint advisory on its website, which details the targeted operations from North Korea. According to the advisory, the hacking team, dubbed BeagleBoyz is controlled by North Korea’s intelligence. BeagleBoyz represents a subset of HIDDEN COBRA activity, CISA said on its website.

Commenting on the situation, Bryan Ware, Assistant Director of Cybersecurity, CISA, said in a statement realised on Wednesday: “North Korean cyber actors have demonstrated an imaginative knack for adjusting their tactics to exploit the financial sector as well as any other sector through illicit cyber operations.

"CISA and our interagency partners work closely with industry to provide actionable, specific and timely cyber threat information, like today’s alert. Our aim is to disrupt and defeat malicious cyber campaigns and help government and industry partners prioritize resources to highest risk to stay one-step ahead of adversaries.”

BeagleBoyz Have Attempted to Steal $2 billion in FASTCash Hacks

The BeagleBoyz are responsible for the FASTCash ATM cashouts, which were reported in October 2018. The group’s efforts included abuse of bank-operated SWIFT system endpoints and cryptocurrency thefts that have resulted in millions of crypto being stolen, CISA said.

The bank robberies have been going on since at least 2015 and according to public estimates, the BeagleBoyz have attempted to steal almost $2 billion. According to CISA, the thefts pose 'severe operational risk' for individual firms in terms of reputational and financial harm.

Cryptocurrency Theft

The efforts of the BeagleBoyz has not just been limited to ATM theft, but also to cryptocurrency theft, with the hackers targeting cryptocurrency exchanges.

“In addition to robbing traditional financial institutions, the BeagleBoyz target cryptocurrency exchanges to steal large amounts of cryptocurrency, sometimes valued at hundreds of millions of dollars per incident. Cryptocurrency offers the BeagleBoyz an irreversible method of theft that can be converted into fiat currency because the permanent nature of cryptocurrency transfers do not allow for claw-back mechanisms,” the joint advisory said.

The joint advisory published on 26th August 2020 that is the combined efforts from CISA, the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM).

The Cybersecurity and Infrastructure Security Agency (CISA) of the United States have recently published a warning on its website, alerting the public that North Korea has resumed targeting banks in what the US Government is referring to as 'FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks'.

“Since February 2020, North Korea has resumed targeting banks in multiple countries to initiate fraudulent international money transfers and ATM cash outs. The recent resurgence follows a lull in bank targeting since late 2019,” CISA published on its website on Wednesday.

In particular, the agency has published a joint advisory on its website, which details the targeted operations from North Korea. According to the advisory, the hacking team, dubbed BeagleBoyz is controlled by North Korea’s intelligence. BeagleBoyz represents a subset of HIDDEN COBRA activity, CISA said on its website.

Commenting on the situation, Bryan Ware, Assistant Director of Cybersecurity, CISA, said in a statement realised on Wednesday: “North Korean cyber actors have demonstrated an imaginative knack for adjusting their tactics to exploit the financial sector as well as any other sector through illicit cyber operations.

"CISA and our interagency partners work closely with industry to provide actionable, specific and timely cyber threat information, like today’s alert. Our aim is to disrupt and defeat malicious cyber campaigns and help government and industry partners prioritize resources to highest risk to stay one-step ahead of adversaries.”

BeagleBoyz Have Attempted to Steal $2 billion in FASTCash Hacks

The BeagleBoyz are responsible for the FASTCash ATM cashouts, which were reported in October 2018. The group’s efforts included abuse of bank-operated SWIFT system endpoints and cryptocurrency thefts that have resulted in millions of crypto being stolen, CISA said.

The bank robberies have been going on since at least 2015 and according to public estimates, the BeagleBoyz have attempted to steal almost $2 billion. According to CISA, the thefts pose 'severe operational risk' for individual firms in terms of reputational and financial harm.

Cryptocurrency Theft

The efforts of the BeagleBoyz has not just been limited to ATM theft, but also to cryptocurrency theft, with the hackers targeting cryptocurrency exchanges.

“In addition to robbing traditional financial institutions, the BeagleBoyz target cryptocurrency exchanges to steal large amounts of cryptocurrency, sometimes valued at hundreds of millions of dollars per incident. Cryptocurrency offers the BeagleBoyz an irreversible method of theft that can be converted into fiat currency because the permanent nature of cryptocurrency transfers do not allow for claw-back mechanisms,” the joint advisory said.

The joint advisory published on 26th August 2020 that is the combined efforts from CISA, the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM).

About the Author: Celeste Skinner
Celeste Skinner
  • 2872 Articles
  • 25 Followers
About the Author: Celeste Skinner
  • 2872 Articles
  • 25 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}