Popular Articles
Today Week Month Year

LAZARUS HEIST: The international ATM theft that bagged $14M in just over 2 hours
By Kevin Hughes // Apr 06, 2023

Imagine yourself being an extra in a Bollywood film with the role of going to a cash point and withdrawing money. This was the case for several men in Maharashtra state who believed they were accepting a minor role in a movie, but were in fact being deceived into acting as money mules collecting cash in a bold bank heist.

The raid happened in August 2018 and targeted Cosmos Co-operative Bank, headquartered in Pune, India. On that calm Saturday afternoon, staff in the bank's head office unexpectedly received a series of alarming messages.

They were from the card payment company Visa in the United States, which warned that it could see thousands of demands flooding in for huge cash withdrawals from automated teller machines from people seemingly using Cosmos Bank cards.

Nevertheless, when the Cosmos team investigated their own systems, no abnormal transactions were seen.

Almost half an hour later, just to be safe, they approved Visa to halt all transactions from Cosmos Bank cards. The following day, Visa shared the complete list of suspect transactions with the Cosmos head office. The list showed nearly 12,000 separate withdrawals from various ATMs around the world and the bank had lost almost $14 million.

Cosmos said unidentified hackers stole customer information through a malware attack on its ATM server, withdrawing $11 million in mostly overseas transactions.

Aside from the ATM withdrawals, the hackers transferred $3.69 million to a Hong Kong-based company's account by issuing three unauthorized transactions over the SWIFT global payments network.

We are building the infrastructure of human freedom and empowering people to be informed, healthy and aware. Explore our decentralized, peer-to-peer, uncensorable Brighteon.io free speech platform here. Learn about our free, downloadable generative AI tools at Brighteon.AI. Every purchase at HealthRangerStore.com helps fund our efforts to build and share more tools for empowering humanity with knowledge and abundance.

It was a daring crime defined by its massive scale and precise synchronization with the criminals robbing ATMs in 28 different countries, including the U.S., the United Kingdom, the United Arab Emirates and Russia. And it all occurred in two hours and 13 minutes.

The Maharashtra cybercrime unit was astonished to see CCTV footage of dozens of men walking up to a series of cashpoints, inserting bank cards and filling the notes into bags. "We were not aware of a money mule network like this," said Inspector General Brijesh Singh, who headed the investigation.

Ultimately, investigators would track its origins back to a shady team of hackers called the Lazarus Group apparently at the bidding of the North Korean state. Despite being one of the poorest nations in the world, North Korea has a substantial part of its limited resources going toward producing nuclear weapons and ballistic missiles.

For that reason, the United Nations has put the country under arduous sanctions, making trade very restrictive.

According to U.S. authorities, the North Korean government is employing a gang of elite hackers to break into banks and financial institutions around the world to steal the money it requires to keep its economy afloat and finance its weapons program.

Lazarus Group is supervised by North Korea's military intelligence agency

The Lazarus Group is said to be supervised by North Korea's powerful military intelligence agency: the Reconnaissance General Bureau.

Cybersecurity experts named the group after the biblical figure Lazarus, who comes back from the dead. This is because once the group's viruses enter computer networks, they are almost impossible to wipe out. They just come back from the dead.

The group initially gained worldwide prominence in 2014, when then-U.S. President Barack Obama accused North Korea of hacking into Sony Pictures Entertainment's computer network.

The Federal Bureau of Investigation accused the hackers of conducting a cyberattack in retaliation for "The Interview," a comedy-action film that portrayed the assassination of North Korean leader Kim Jong Un. (Related: Hackers in charge: Sony hack and theater pullback reveals new era of hackers trouncing multinational corporations.)

The Lazarus Group has also been accused of attempting to steal $1 billion from Bangladesh's central bank in 2016, and for starting the WannaCry cyberattack, which tried to draw out ransoms from victims around the world, including the National Heart Service (NHS) in Britain.

North Korea strongly denied the existence of the Lazarus Group, as well as the accusations of state-sponsored hacking.

Nonetheless, leading law enforcement organizations noted that North Korea's hacks are more advanced, more brazen and more ambitious than ever.

For the Cosmos heist, the hackers utilized a technique called "jackpotting" because getting the ATM to spill its cash is like hitting the jackpot on a slot machine. The bank's systems were originally compromised in the traditional way through a phishing email opened by an employee, which infected the computer network with malware.

The hackers would then manipulate a piece of software known as the ATM switch which sends messages to a bank to authorize a cashpoint withdrawal. This gave the hackers the power to permit ATM withdrawals from their associates anywhere in the world.

Follow Cyberwar.news for more news about hackers doing damage around the world.

Watch the video below to know how to stop your bank account from being hacked.

This video is from the increase channel on Brighteon.com.

More related stories:

Hackers steal over $104 million worth of crypto assets from blockchain bridge.

Free AI voice generation software successfully hacked into bank accounts using simulated voices.

More than 376M SCAM messages sent daily to steal money, clone voices of Americans.

Sources include:




Take Action:
Support NewsTarget by linking to this article from your website.
Permalink to this article:
Embed article link:
Reprinting this article:
Non-commercial use is permitted with credit to NewsTarget.com (including a clickable link).
Please contact us for more information.
Free Email Alerts
Get independent news alerts on natural cures, food lab tests, cannabis medicine, science, robotics, drones, privacy and more.

NewsTarget.com © 2022 All Rights Reserved. All content posted on this site is commentary or opinion and is protected under Free Speech. NewsTarget.com is not responsible for content written by contributing authors. The information on this site is provided for educational and entertainment purposes only. It is not intended as a substitute for professional advice of any kind. NewsTarget.com assumes no responsibility for the use or misuse of this material. Your use of this website indicates your agreement to these terms and those published on this site. All trademarks, registered trademarks and servicemarks mentioned on this site are the property of their respective owners.

This site uses cookies
News Target uses cookies to improve your experience on our site. By using this site, you agree to our privacy policy.
Learn More
Get 100% real, uncensored news delivered straight to your inbox
You can unsubscribe at any time. Your email privacy is completely protected.