CISA, FBI, Treasury Department & CYBERCOM warn of North Korean malware
The Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury (Treasury), the Federal Bureau of Investigation (FBI) and U.S. Cyber Command (USCYBERCOM) are issuing a joint technical alert about an ongoing automated teller machine (ATM) cash-out scheme by North Korean government cyber actors – referred to by the U.S. government as “FASTCash 2.0: North Korea's BeagleBoyz Robbing Banks.”
The joint alert provides important, new details about the resumption of a North Korean cyber-enabled bank robbery scheme targeting banks in multiple countries to initiate fraudulent international money transfers and ATM cash outs. It gives an overview of the group responsible for this activity, in-depth technical analysis and detection and mitigation recommendations to counter this ongoing threat to the financial services sector.