Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Bank vault. Photo: Matjaz Slanic/Getty Images

A cluster of attempted digital robberies at West African financial institutions appear to have been imitating the North Korea-linked Lazarus Group's run of heists, according to Symantec.

Why it matters: Lazarus, internationally notorious for the Sony hack and the WannaCry malware, is currently very active stealing funds to support the Kim Jong-un regime. The Symantec finding is fascinating as an example of how attacks trickle down from nations to more common criminals.

The big picture: "It seems like after the high public profile of the North Korea thefts, these hackers took those tactics," said Jon DiMaggio, a senior threat intelligence analyst at Symantec.

Details:

  • The Lazarus group has utilized the SWIFT system, which banks use to request money from one another, in several high-profile thefts, but the attacks Symantec documented did not.
  • What they did use were a similar set of tools to what Lazarus used to set up those attacks, as outlined in a 2017 alert.
  • Symantec did not want to publicly specify the exact tools that were used.

Background: This isn't the first time DiMaggio said he had seen hackers influenced by a high-profile Lazarus attack. After the group's most famous heist, the theft of $81 million from the central bank of Bangladesh, a separate criminal group added SWIFT fraud to their toolkit.

Symantec's report outlined four different techniques of attacks currently being used in Africa that may represent more than one criminal group.

  • The first, the one flagged as similar to the SWIFT heists, targeted firms in Ivory Coast and Equatorial Guinea.
  • All four clusters used a mix of easily purchasable malware and "living off the land" techniques — avoiding detection using as much software already on victims' computers during the break-in as possible.
  • The other groups of attacks spanned Ivory Coast, Ghana, the Democratic Republic of the Congo and Cameroon.

Historically, West African financial groups have not been common targets for hackers, according to the Symantec report. DiMaggio believes that a softer regulatory structure may have made African banks a tempting target.

The bottom line: DiMaggio stressed that IT staff globally have to become more accustomed to looking for living-off-the-land attacks that don't appear to create suspicious network traffic. "You have to look at legitimate traffic," he said. "You can't just wait for a warning screen to flash red."

Go deeper

8 Senate Democrats vote against adding $15 minimum wage to COVID relief

Photo: Stefani Reynolds/Bloomberg via Getty Images

Eight Democratic senators on Friday voted against Sen. Bernie Sanders' amendment to ignore a ruling by the Senate parliamentarian and add a $15 minimum wage provision to the $1.9 trillion COVID relief package.

The state of play: The vote was held open for hours on Friday afternoon — even after every senator had voted — due to a standoff in negotiations over the next amendments that the Senate will take up.

CDC: Easing mask mandates led to higher COVID cases and deaths

Customer at a supermarket chain in Austin, Texas. Montinique Monroe/Getty Images

Easing mask restrictions and on-site dining have increased COVID-19 cases and deaths, according to a study out Friday from the Centers for Disease Control and Prevention.

Why it matters: The report's findings converge with actions from governors this week easing mask mandates and announcing plans to reopen nonessential businesses like restaurants.