This is how the “BeagleBoyz”, a group of North Korean hackers, work

Hacker BeagleBoyz

The BeagleBoyz are a group of hackers who operate from North Korea against banks around the world to steal the money they hold. This group of cyber criminals has been active since 2015, and in 2019 alone they managed to steal more than $2,000 million from various banking companies.

The BeagleBoyz have been in operation since 2015 and have since stolen money in more than 38 countries including Spain and Latin American states like Argentina, Brazil, Chile and Ecuador.

The security forces are after them, and they are known under the name “FASTCash 2.0: North Korea’s BeagleBoyz Robbing Banks”.

Apparently, this group serves to fund campaigns and projects by North Korean President Kim Jong-un and has been tracked for years by US law enforcement agencies such as the Cybersecurity and Infrastructure Security Agency (CISA), the US government’s Treasury Department, the Federal Bureau of Investigation (FBI) and the United States Cyber Command (USCYBERCOM).

A report prepared by the CIA explains step by step how this gang works: how they steal money from banks around the world while operating from North Korea, and how they use “spear phishing” and social engineering to steal data from servers and users.

The first approach is an email message that they send to bank users, employees of institutions, and anyone who has direct contact with the companies. The messages carry malware, and the users who take the bait and install it let these hackers access the bank’s servers and computers via the malicious files that the CIA has already been able to encrypt, which are listed below:

With this quick and easy access to devices, North Korean hackers enter the bank’s payment servers and ATMs. Then it is just a matter of choosing the ATM and who will be withdrawing the money.

Another way they commit their misdeeds is with international accounts, phishing not against ATMs but against the bank’s SWIFT networks. They then initiate an international transfer from one account to another. Finally, the money is transferred to a third account, that of the attacker, who can withdraw the money from there.

This operation is considered common or normal within the bank, but the users whose money has been taken will file a claim and alert the authorities. Here is a visual overview of what these cyberattacks look like in either mode:

This is how hackers operate in North Korea

Apparently, these groups of hackers managed to steal money in more than 38 countries including South Korea, Spain, India, Japan and Latin American countries like Argentina, Ecuador, Chile and Brazil. The following map shows the nations affected by the BeagleBoyz group’s cyber thefts:

Map of the hacked countries

US security forces have alerted banks around the world, as the BeagleBoyz have been ramping up their cyberattacks since February this year. Recently, the alarm has also been raised about other common scams on financial platforms like PayPal, which these and other cyber criminals very often use as a channel to steal money.
