2018-06

Liberian Financial Institution

The Liberian Financial Institution incident is tracked in UN sanctions and financial-incident timeline reporting as part of a broader set of cyber-enabled thefts against financial institutions and cryptocurrency exchanges. The linked UN evidence attribute…

🇱🇷 Liberia

2018-05

Taylor

Taylor reported that attackers stole project funds after gaining access to a team device and taking control of a 1Password file, emphasizing that the incident was not a smart-contract exploit but an endpoint and credential-vault compromise. The theft incl…

🇪🇪 Estonia

2018-05

Banco de Chile

Banco de Chile is tracked as a May 2018 Chilean financial-sector and SWIFT-related incident across financial-hack trend reporting and the UN Panel of Experts’ DPRK sanctions-evasion reporting. The linked UN evidence frames the wider set of bank and exchan…

🇨🇱 Chile

2018-05

Sejong Institue

The Sejong Institute incident was a South Korea-focused watering-hole operation against reunification, diplomacy, and security stakeholders, using an ActiveX vulnerability in AcubeFileCtrl.ocx before version 2.3.0.4 to download and execute malware. The in…

🇰🇷 Korea, Republic of

2018-05

Simplii Financial

Simplii is linked to NSHC’s SectorA01 custom proxy utility analysis, which describes continued attacks against financial-sector targets worldwide and cautions that attribution should be based on repeated TTP, protector, function, and algorithm comparisons…

🇨🇦 Canada

2018-04

Gate.io

Gate.io was targeted in a cryptocurrency exchange supply-chain attack that reporting linked to remote access tooling and cryptocurrency theft, with later reporting describing North Korean hackers moving funds from the 2018 theft. The incident highlights t…

🇰🇾 Cayman Islands

2018-04

CoinSecure

CoinSecure disclosed the theft of 438 BTC from its main wallet and said its system had not been compromised, instead tying the loss to exposure of wallet private keys during a Bitcoin Gold extraction process. The exchange filed complaints with Indian auth…

🇮🇳 India

2018-03

Malaysian Central Bank

On March 29, 2018, attackers attempted to use fraudulent SWIFT transactions to steal about $390 million from Malaysia’s central bank. Carnegie’s timeline says no funds were stolen and the bank’s payment systems remained unaffected, while UN Panel-linked r…

🇲🇾 Malaysia

2018-03

Cypherium

Cypherium was referenced in reporting about related cryptocurrency theft activity, where Taylor said wallet activity from the theft of its project funds appeared connected to the reported CypheriumChain theft involving more than 17,000 ETH. The available …

🇺🇸 United States

2018-02

City Union Bank

Group-IB listed City Union Bank in India among Lazarus-attributed SWIFT theft cases and reported a $1.87 million loss in the same financial-sector campaign set that included Banco de Chile, Cosmos Bank, Bank of Valletta, and Punjab National Bank. The evid…

🇮🇳 India

2018-02

Punjab National Bank

Group-IB listed Punjab National Bank in India among Lazarus-attributed SWIFT incidents from early 2018 in its financial-sector threat reporting. The report places the case in a broader North Korea-linked pattern of prepared SWIFT cash-out operations again…

🇮🇳 India

2018-01

Coincheck

Coincheck published an incident notice after restricting NEM deposits, then suspending NEM trading and withdrawals, pausing withdrawals across handled currencies including JPY, halting most altcoin trading, and stopping several fiat deposit methods while …

🇯🇵 Japan

2018-01

Metrolinx

In January 2018, Canadian transit agency Metrolinx confirmed a cyberattack traced to a North Korean source. The intrusion breached a firewall but affected a system not tied to customer data, employee data, or safety systems; Metrolinx said it detected and…

🇨🇦 Canada

2018-01

Bancomext

Bancomext appears in reporting on 2018 Mexican banking and wire-transfer payment-system incidents, where attackers were discussed in the context of compromise paths involving concentrators, servers, developers, contractors, and internal banking networks. …

🇲🇽 Mexico

2018-01

Costa Rican Financial Institution

A private Costa Rican financial institution was targeted in January 2018 in an attempted USD 19 million theft. Carnegie's financial-sector timeline and UN Panel reporting linked the case to DPRK-affiliated actors, placing it within the wider North Korean …

🇨🇷 Costa Rica