(CNN) – New information Tuesday night as Kim Jong-un’s army of hackers is brazenly attacking banks around the world. One of his elite hacking groups, dubbed ‘Lazarus’ by investigators, has been linked to cyber-attacks on banks in 18 countries.
That’s according to the Russian cyber-security firm Kaspersky’s new report Tuesday. Kaspersky said while the attacks can’t be definitively traced to North Korea, they found one occasion where the hackers failed to cover their tracks.
Vitaly Kamluk of Kaspersky said, “There was one strange connection, very short, a single connection, single session, coming out of this quite rare and unexpected IP range that was originating from North Korea.”
They also spotted Korean language in the computer code. Kamluk also said, “It was quite sophisticated malware operation. There were a lot of smart tricks that were designed to trick the investigator. They used a lot of anti-forensics techniques.”
The hackers stole $81 million from Bangladesh’s central bank, the only known loss so far.
Another clue which could trace these attacks to North Korea, officials at the cyber-security firm Symantec, who’ve also researched these hacks, told CNN: “The malware code used in the Bangladesh bank heist is similar to the code used in the Sony Pictures hack in 2014, which the FBI blamed on Kim’s regime.”
If Kim Jong-un is behind the hacks, experts said he’s likely planning to use the stolen money to pay for his nuclear weapons and missile programs and to buy cars and other luxury items for North Korean elites, to keep them from turning on him.
Analysts said for Kim, hacking is a fast and easy way to grab illicit cash.
Marcus Noland, Peterson Institute for International Economics: “They’ve tried drug trafficking, but again, interdiction efforts are tightening on those. They’ve tried currency counterfeiting, again, interdiction efforts are tightening on those. So the traditional ways of raising money are facing increasing problems, and they increasingly resort to cyber-crime.”
Kim’s believed to have several thousand hackers working for North Korea’s notorious “Reconnaissance General Bureau,” including an elite unit called “Bureau 121.”
Could they follow Russia’s lead and try to hack America’s political campaigns or even its military?
James Lewis, of the Center for Strategic & International Studies said, “North Koreans have the capability to hack weapons systems, electoral systems like what we’ve seen here. What the Russians did to the DNC is largely what the North Koreans did to Sony.”
Experts say North Korean hackers targeting U.S. banks is well within the realm of possibility.