U.S. CERT, the Department of Homeland Security, the U.S. Treasury, and the FBI have issued a report linking Lazarus group to the “FASTCash” attack which has hit ATMs in Asia and Africa. Similar to the campaigns carried out by Carbanak Group, the FASTCash malware allowed Lazarus Group to make fraudulent withdrawals. The campaign began in 2016 and continued into this year. One incident in 2017 showed ATMs in 30 different countries having cash withdrawn simultaneously. The report states that it is believed at this time that the campaign netted tens of millions of dollars in stolen funds.
