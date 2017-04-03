(Adds North Korean government has denied hacking allegations,
paragraph 5)
By Jim Finkle
April 3 Cyber security firm Kaspersky Lab on
Monday said it had obtained digital evidence that bolsters
suspicions by some researchers that North Korea was involved in
last year's $81 million cyber heist of the Bangladesh central
bank's account at the Federal Reserve Bank of New York.
Russian-based Kaspersky released a 58-page report on
Lazarus, a group linked to the heist in Bangladesh and the 2014
attack on Sony's Hollywood studio, which the U.S. government
blamed on North Korea.
Among its findings, the report said Lazarus hackers made a
direct connection from an IP address in North Korea to a server
in Europe that was used to control systems infected by the
group.
Kaspersky researcher Vitaly Kamluk told Reuters by telephone
that the finding marked "the first time we have seen a direct
connection" between North Korea and Lazarus, a hacking group
whose activities dating back to 2009 have been documented by the
world's biggest cyber security firms.
The North Korean government has denied allegations of
hacking made by officials in Washington and South Korea as well
as security firms.
Kamluk said he could not conclusively say that Pyongyang was
behind the attacks because it was possible the hackers went to
great effort to make it look like they were from North Korea, or
that North Koreans were working with others.
Still, he said that North Korean involvement was the most
likely explanation.
Separately last month, U.S. officials also cast suspicion on
Pyongyang. An official briefed on the probe told Reuters in
Washington that the FBI believed North Korea was responsible.
And Rick Ledgett, the deputy director of the National
Security Agency, told reporters at an Aspen Institute event on
March 15 that private sector research tying North Korea to the
Bangladesh bank heist was strong.
"If that's true, then that says to me that the North Koreans
are robbing banks," Ledgett said. "That's a big deal."
The Bangladesh Bank heist was one in a string of financially
motivated cyber attacks by a division of Lazarus dubbed
Bluenoroff, the Kaspersky report said. Targets included banks,
financial and trading companies, casinos and digital currency
businesses in at least 18 nations, the report said.
Adrian Nish, head of threat intelligence with cyber security
firm BAE Systems PLC, said Kaspersky's findings were
significant, even though they did not conclusively link
Pyongyang to Lazarus.
"It is significant further evidence," said Nish, who led a
team at BAE that in May 2016 was the first to link the
Bangladesh heist and the Sony hack.
(Reporting by Jim Finkle in Toronto; editing by Grant McCool)