Threat Intelligence: North Korea’s BeagleBoyz Bank Heist

By Shubham Awasthi

September 8, 2020

The BeagleBoyz, an element of the North Korean government’s Reconnaissance General Bureau, have likely been active since at least 2014.

As opposed to typical cybercrime, the group conducts well-planned, disciplined, and methodical cyber operations more akin to careful espionage activities. Their malicious cyber operations have netted hundreds of millions of U.S. dollars and are likely a major source of funding for the North Korean regime. The group has always used a calculated approach, which allows them to sharpen their tactics, techniques, and procedures while evading detection. Over time, their operations have become increasingly complex and destructive. The tools and implants employed by this group are consistently complex and demonstrate a strong focus on effectiveness and operational security.

After a lull beginning in late 2019, since February 2020, North Korea has resumed targeting banks in multiple countries to initiate fraudulent international money transfers and ATM cash outs. This advisory document provides an overview of North Korea’s extensive, global cyber-enabled bank robbery scheme, technical analysis, and detection and mitigation recommendations to counter this ongoing threat to the Financial Services sector. Click here to read the full article.

 



Disclaimer of Liability

The information provided here is for general guidance only, and does not constitute the provision of legal advice, tax advice, accounting services, investment advice or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal or other competent advisers. Before making any decision or taking any action, you should consult a professional adviser who has been provided with all pertinent facts relevant to your particular situation.

Mazars USA LLP is an independent member firm of Mazars Group.


Related posts



The Emotet banking Trojan was first identified by security researchers in 2014. Emotet was originally designed as a banking malware that attempted to sneak onto your computer and steal sensitive and private information. Threat actor group MEALYBUG , have used the malware to create a botnet of infected computers to

Read More



Electronic Data Interchange (EDI) EDI provides a standard and established framework for how data is formatted when sent, so that the EDI translation software of the receiver can receive and interpret it correctly. This allows the transfer of data electronically between two systems, eliminating the need for manual processing and

Read More



Table of Contents Controllers face many tasks at the end of the calendar year. This guide provides advice, reminders, and tips about certain responsibilities that require your attention in the next few weeks, including an update of rates and limits for 2021. The New Year Forms W-2 And Year-End Payroll

Read More








Copyright 2021 - Mazars - United States