PULSE NAME
Taiwan Heist - Lazarus Tools and Ransomware
WHITE Lazarus Group AlienVault 2017-10-17 Modified: 2017-10-17
Reports emerged just over a week ago of a new cyber-enabled bank heist in Asia. Attackers targeting Far Eastern International Bank (FEIB), a commercial firm in Taiwan, moved funds from its accounts to multiple overseas beneficiaries. In a story that reminds us of the Bangladesh Bank case, the culprits had compromised the bank’s system connected to the SWIFT network and used it to perform the transfers.
Indicators of Compromise (12)