
Rewterz Threat Alert – FASTCash 2.0: North Korea’s BeagleBoyz Targeted Bank-Theft Operations

August 27, 2020

Severity

High

Analysis Summary

North Korea’s hacking groups are again targeting banks in international operations to carry out fraudulent international money orders and ATM cash-outs. In the operation, North Korean operatives seek to gain unauthorized access to networks, point-of-sale systems, and ATMs belonging to their victims. The BeagleBoyz have likely been active since at least 2014 and have carried out multiple operations like this before, inflicting heavy financial losses on other countries. The group likely conducts well-planned, disciplined, and methodical cyber operations more akin to careful espionage activities. BeagleBoyz have targeted countries including Argentina, Brazil, Bangladesh, Bosnia and Herzegovina, Bulgaria, Chile, Costa Rica, Ecuador, Ghana, India, Indonesia, Japan, Jordan, Kenya, Kuwait, Malaysia, Malta, Mexico, Mozambique, Nepal, Nicaragua, Nigeria, Pakistan and others.


Impact

Financial loss

Indicators of Compromise

MD5


SHA-256


SHA1


Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.