WELCOME

to the house of Harry Plopper

When Loza started working with the Texas-based group Lazarus last

Dec. 12, 2018 by Kimberly Parks Kimberly Parks photo

When Loza started working with the Texas-based group Lazarus last summer, he realized that the group was a lot more than just a group of hackers. It was a network of "black ops," he says. "They had this whole idea that we're a state, and we're gonna do something about this whole system."

Loza and other researchers tracked the group's activity. In one of the most recent cases, they traced the group's origin to a Texas-based bank called the Texas A&M Bank Co. The group's data was stored in a database that would allow them to see where the hackers had obtained the funds. And the group's network included data that, for years, had been used to access internal accounts of banks, including those that operated in Mexico.

In order to determine who was behind the intrusion, Loza and other researchers looked at the group's data for the first time over a decade ago, when Mexico's central bank made its first public announcement. They found that the group's website had been hijacked and that a group of hackers had used the IP address of a major local telecommunications company to hack into the network of AT&T-MTR, and that an anonymous hacker was behind the attack.

There's a lot of stuff going on here, Loza says, and the group has many more details to share. But one thing that's sure is that there's more to it than just what the data revealed. It's also worth looking into how people around the world have been affected by the attack. For example, just last month a group of hackers stole about $50 million from $15 billion of Mexican banking accounts.

"The fact of the matter is that there is a lot of very large and very small groups that have been compromised," Loza says. "The data that's in there is of tremendous benefit to our efforts." In short, it helps us understand how this information was stolen and what it's likely to do to people in Mexico.

And that's part of what I'm thinking about here. This is really the kind of story of hacking that we've been talking about for two decades—a very high level of sophistication, and not just about bank systems, but about how this information is accessed. And that's a good thing but it's also part of the problem—it's a new technology, and it affects every sector of the economy in that country.

When Loza first contacted the group to ask about the attacks, he was met with the

Comment an article