North Korea’s BeagleBoyz team resumed its efforts to target banks worldwide with fraudulent money transfers and ATM cash outs.
On August 26, the Cybersecurity and Infrastructure Security Agency (CISA) published Alert (AA20-239A) in coordination with the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM).
The four entities used the Alert to analyze BeagleBoyz, a North Korean team which forms a subset of Hidden Cobra activity and which overlaps with Lazarus, among other groups.
This group had attempted to steal $2 billion since 2015 at the time of writing. For much of that time, it had been conducting attacks as part of a sophisticated ATM cash-out campaign called “FASTCash.”