The notorious hackers behind a string of banking heists have left behind a clue that reveals a long-suspected link to North Korea, according to security researchers.
The notorious hackers behind a string of banking heists have left behind a clue that supports a long-suspected link to North Korea, according to security researchers.
The so-called Lazarus Group has been eyed as a possible culprit behind the heists, which included last February’s $81 million theft from Bangladesh’s central bank through the SWIFT transaction software.
However, hackers working for the group recently made a mistake: They failed to wipe the logs from a server the group had hacked in Europe, security firm Kaspersky Lab said on Monday.
The logs show that the server had at one point connected with an Internet Protocol address from North Korea, an unusual sign given that the country has very limited internet access.
The IP address adds to the evidence that the Lazarus Group is tied to North Korea. Last year, security researchers also noticed similarities between coding techniques the group used in its banking heists and those used in the 2014 Sony hack, which the U. S. has blamed on North Korea.
That prompted speculation that North Korea was using the bank thefts to build up its foreign currency reserves.
