September 29, 2020

North Korean hackers are turning emails into real-life ATM cash withdrawals

Operation FastCash 2.0 may be combining North Korea-linked hackers and real-world gangs to collect money for the DPRK

North Korea-linked hackers have restarted a financial cybercrime campaign targeting international ATMs and fraudulent transfers, with activity observed as recently as Feb. 2020, according to a new series of alerts issued by the U.S. Cyber and Infrastructure Security Agency (CISA).

Now, CISA believes that the “BeagleBoyz” cybercriminals behind the 2018 “FastCash” hacks are back. The hackers triggered thousands of ATMs to simultaneously spit out paper bills for coordinated periods of time in North America, East Asia and Africa, where collaborating local gangs like the Yakuza picked up the physical money.