Inside the Lazarus Heist: Multi-Billion Dollar Theft in Two Hours

Read about one of the world's most shocking money heists in this article, which delves into the tactics used by the notorious Lazarus Group.

In 2018, a group of men in the Indian state of Maharashtra were tricked into becoming unwitting participants in a major bank heist. The men, who believed they were being offered small roles in a Bollywood film, were in fact being used as money mules to collect cash in a fraudulent scheme.

The target of the heist was Cosmos Co-operative Bank, which is based in Pune. On a quiet Saturday afternoon in August of that year, staff in the bank's head office began to receive a series of alarming messages from Visa, the US-based card payment company. 

Visa warned that it was detecting thousands of requests for large cash withdrawals from ATMs, all apparently made by people using Cosmos Bank cards. However, when the bank's staff checked their own systems, they could find no evidence of abnormal transactions. 

Despite this, about half an hour later, the bank's management decided to play it safe and authorized Visa to halt all transactions from Cosmos Bank cards. Unfortunately, this delay would ultimately prove extremely costly. 

The following day, Visa shared a full list of suspect transactions with the Cosmos head office. The bank was stunned to learn that around 12,000 separate withdrawals had been made from ATMs across the globe, totaling nearly $14m in losses. 

This incident serves as a stark reminder of the risks posed by cybercrime and the importance of staying vigilant against fraudulent activity. Even seemingly minor delays or oversights can have devastating consequences, particularly when it comes to financial transactions. Individuals and businesses alike need to be proactive in protecting themselves against cybercrime and fraud.

The criminals pulled off a massive ATM heist in 28 countries, including the USA, the UK, and Russia, within 2 hours and 13 minutes. The sophisticated operation was linked to a group of hackers who had carried out similar attacks and are believed to be working on behalf of North Korea.

Indian investigators were able to arrest 18 suspects after analyzing CCTV footage and mobile phone data from the areas near the ATMs. The suspects were recruited as extras for a Bollywood film but were unwittingly used as money mules in a massive bank heist. The investigators believe that North Korea was behind the operation. 

North Korea is one of the poorest nations in the world, yet a significant portion of its limited resources goes toward building nuclear weapons and ballistic missiles, an activity that is banned by the UN Security Council. However, the country now also makes headlines for advanced cybercrime.

The Lazarus Group, an elite team of hackers believed to be directed by North Korea's Reconnaissance General Bureau, is accused by US authorities of stealing money from banks and financial institutions worldwide to fund the country's economy and weapons program. 

The group gained notoriety in 2014, when then-US President Barack Obama accused it of hacking into Sony Pictures Entertainment's network in retaliation for a comedy film that portrayed the assassination of Kim Jong Un.

Additionally, it has been accused of multiple cyber-attacks, including the attempted theft of $1bn from Bangladesh's central bank and the WannaCry ransomware attack. North Korea denies the group's existence, but law enforcement agencies say their hacks are increasingly advanced and ambitious. 

The group recently used a technique called "jackpotting" to steal money from Cosmos Bank, working with accomplices to create cloned ATM cards. British security firm BAE Systems identified the Lazarus Group as the culprit and described the heist's logistics as staggering. 

US tech security investigators believe the Lazarus Group found a facilitator called "Big Boss" on the dark web to help with the Cosmos Bank heist. "Big Boss" turned out to be Ghaleb Alaumary, a 36-year-old Canadian who was sentenced to 11 years and eight months in prison for offenses including laundering funds from North Korean bank heists.

North Korea repeatedly denies any involvement in the heist or other hacking schemes, but in February 2021, the US announced charges against three suspected Lazarus Group hackers believed to work for North Korea's military intelligence agency. 

North Korea is estimated to have up to 7,000 trained hackers, who are often sent overseas to work. A former North Korean diplomat revealed that these cyber-units operate from cramped dormitories around the world, with just a computer connected to the internet. 

Despite sanctions and demands to send North Korean workers home, the hackers remain active and are now targeting cryptocurrency companies, having already stolen close to $3.2 billion. US authorities have dubbed them "the world's leading bank robbers" who use keyboards instead of guns.