Nahimah Ajikanle Nurudeen
Kaspersky has urged all organisations to carefully scan their networks for the presence of Lazarus malware samples and, if detected, to disinfect their systems and report the intrusion to law enforcement and incident response teams.
The warning was follow up to the results of Kaspersky more-than-year-long investigation into the activity of Lazarus – a notorious hacking group allegedly responsible for the theft of 81 million dollars from the Central Bank of Bangladesh in 2016.
According to Kaspersky Lab records, from December 2015, malware samples relating to Lazarus group activity appeared in financial institutions, casinos software developers for investment companies and crypto-currency businesses in Korea, Bangladesh, India, Vietnam, Indonesia, Costa Rica, Malaysia, Poland, Iraq, Ethiopia, Kenya, Nigeria, Uruguay, Gabon, Thailand and several other countries.
The latest samples known to Kaspersky Lab were detected in March 2017, showing that attackers have no intention of stopping.
Head of Global Research and Analysis Team APAC at Kaspersky Lab, Vitaly Kamluk said, “We’re sure they’ll come back soon. In all, attacks like the ones conducted by Lazarus group show that a minor misconfiguration may result in a major security breach, which can potentially cost a targeted business hundreds of millions of dollars in loss. We hope that chief executives from banks, casinos and investment companies around the world will become wary of the name Lazarus.”
He said Kaspersky Lab products successfully detect and block the malware used by the Lazarus threat actor with the following specific detection names:
The company is also releasing crucial Indicators of Compromise (IOC) and other data to help organisations search for traces of these attack groups in their corporate networks.
“We urge all organisations to carefully scan their networks for the presence of Lazarus malware samples and, if detected, to disinfect their systems and report the intrusion to law enforcement and incident response teams”, added Vitaly Kamluk.