A North Korean hacking group known as Lazarus is likely behind a recent cyber campaign targeting financial organizations in 31 countries, according to Symantec Corp.
The internet security firm said on Wednesday that researchers have uncovered four pieces of digital evidence suggesting that Lazarus was behind the campaign that sought to infect victims with “loader” software, Reuters reports.
Symantec did not identify targeted organizations and said it did not know if any money had been stolen.
Nonetheless, it said the claim was significant because the group used a more sophisticated targeting approach than in previous campaigns.
The North Korean government has denied allegations it was involved in the hacks.
“We are reasonably certain” Lazarus was responsible, Symantec researcher Eric Chien told Reuters in an interview.
Lazarus has already been blamed for a string of hacks dating back to at least 2009, including last year’s US$81 million heist from Bangladesh’s central bank and a long-running campaign against organizations in South Korea.
Symantec said the latest campaign was launched by infecting websites that intended victims were likely to visit, which is known as a “watering hole” attack.
The firm analyzed the hacking campaign last month when news surfaced that Polish banks had been infected with malware. At the time, Symantec said it had “weak evidence” to blame Lazarus.
– Contact us at [email protected]