Wednesday, February 11, 2026
HomeNews
News

North Korean hackers attempted theft of millions from Mexican bank

MND Staff
By MND Staff
0
Bancomext was target of North Korean hackers.
Bancomext was target of North Korean hackers.

An elite group of North Korean hackers has been identified as responsible for cyberattacks on banks around the world — including Mexico’s state-owned development bank Bancomext — that netted hundreds of millions of dollars, security researchers said yesterday.

A report by United States cybersecurity company FireEye said the mission of the newly-identified group, dubbed APT38, is to raise funds for the North Korean regime headed by Supreme Leader Kim Jong-un.

“They are a cyber-criminal group with the skills of a cyber espionage campaign,” said Sandra Joyce, FireEye’s vice-president of intelligence. “They take their time to learn the intricacies of the organization.”

The attack on Bancomext occurred in early January and attempted to steal around US $110 million but was shut down before the funds were removed.

“Fortunately, the protocol and quick reaction of the area responsible for operation, with the help of banks, corresponding authorities and the Bank of México, contained this incident,” Bancomext said in a statement.

In May, the Bank of México revealed that five financial institutions had been targeted by cyberattacks that resulted in the loss of 300 million pesos (US $ 15.7 million at today’s exchange rate) although it is unclear whether the North Korean group was the source of the attacks.

The FireEye report said that APT38 is one of several hacking cells within a larger umbrella group known as “Lazarus” but that it has unique skills and tools that have allowed it to carry out some of the world’s largest cyber heists.

Joyce said that APT38 takes several months or longer to learn the workings of its targets before it launches an attack.

Once it succeeds in extracting funds, “they deploy destructive malware on their way out” to hide its traces, she added.

Joyce explained that FireEye decided to go public with its investigation because the group appears to be still operating and is “undeterred by any diplomatic efforts.”

APT38 appears to have “the scope and resources of a nation state,” she added.

Nalani Fraser, a member of the FireEye research team, said that APT38 attacks have attempted to steal at least US $1.1 billion since 2014 and have succeeded in siphoning off “hundreds of millions of dollars based on data that we can confirm.”

Source: AFP (sp) 

Have something to say? Paid Subscribers get all access to make & read comments.
dam level measurers

Cutzamala, the Mexico City area’s main water supply system, is getting its first upgrade in 4 decades

MND Staff - 0
The system, which carries water from three México state dams to 5 million users in the Valley of Mexico and its surroundings, uses some of the largest pumping equipment in the world.
stacks of peso bills signaling corruption

Mexico ranks last among OECD countries on 2025 Corruption Perceptions Index

MND Staff - 0
According to a global ranking of how transparent a country’s public sector is perceived to be by experts and business executives, Mexico scored 24/100 in 2025, down from its highest score of 35 in 2014.
EL PASO OCTOBER 24. FedEx departs the El Paso International Airport on the way to Memphis on October 24, 2014 at El Paso, Texas.

Did a Mexican cartel just try to attack El Paso?

MND Staff - 0
The FAA lifted the temporary closure of airspace over El Paso just hours after it said in a Notice to Airmen that aircraft could not fly above El Paso until Feb. 21 for "Special Security Reasons."
BETA Version - Powered by Perplexity

VIDEO OF THE WEEK

Mexico's English-language newspaper

About MND

MND FAMILY PLAN

MND KIDS

MND MERCH

Subscription FAQ's

COMMUNITY GUIDELINES

Contact

Privacy Policy

Mexico News Daily - Property of Tavana LLC