North Korean Malicious Cyber Activity: FASTCash

Original release date: August 26, 2020

The Cybersecurity Security and Infrastructure Security Agency (CISA), the Department of the Treasury, the Federal Bureau of Investigation, and U.S. Cyber Command have released a joint Technical Alert and three Malware Analysis Reports (MARs) on the North Korean government’s ATM cash-out scheme—referred to by the U.S. Government as “FASTCash.” The U.S. Government refers to the group behind FASTCash as BeagleBoyz, a subset of HIDDEN COBRA.

CISA encourages users and administrators to review the following resources for more information.

This product is provided subject to this Notification and this Privacy & Use policy.