Blog
Share This Post
[ad_1]
Attacks with the new FASTCash malware for Linux have been launched by North Korean hackers against financial organizations’ Ubuntu 22.04 LTS-based payment switch systems to facilitate unauthorized ATM transactions, reports BleepingComputer.
After being installed on a payment switch server’s running process through the ‘ptrace’ system call, FASTCash for Linux — which significantly resembled iterations of the malware for Windows and AIX — facilitates ISO8583 transaction message interception and alteration, according to cybersecurity researcher HaxRob, who discovered the updated variant. Bank approval of the manipulated messages, which specify amounts ranging from 12,000 and 30,000 Turkish Lira, would then enable ATM withdrawals by a money mule. Aside from the discovery of the Linux variant of FASTCash that has not yet been detected by VirusTotal, an updated Windows version has also been submitted by attackers, indicating the continued evolution of their toolset. Such a discovery comes after separate FASTCash ATM schemes since 2018 have been associated with the Lazarus Group, also known as Hidden Cobra and APT38.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
