Cybercrime has for some time been important to Pyongyang as a way of making up the serious financial shortfalls international sanctions have imposed on North Korea. Kaspersky has been tracking the Lazarus Group's AppleJeus campaign, and concludes that Pyongyang's hackers are becoming more careful, more sophisticated, and more focused on the cryptocurrency sector. If you're involved in alt-coin, look to your wallets. The Lazarus Group certainly is.
The ransomware attack that crippled British-based Travelex, a large currency exchange service, is now believed by investigators to have been under preparation for some time. The National reports that the gang behind REvil (or Sodinokibi) is the same crew responsible for the ostensibly retired GandCrab ransomware, and that they began working on their next set of targets shortly after standing down GandCrab. The Mirror says that the Travelex attack has spilled over to other banks, with some effects being felt by Barclays, Lloyds, HSBC, and RBS. Travelex, which has reverted to manual operations in the aftermath of the attack, still seems to be whistling past the graveyard, at least a little bit. Computing reports that the exchange service has held conversations with Britain's Information Commissioner's Office, but that it has yet to formally disclose a breach.
According to the Hindustan Times, a commission the Indian state of Chhattisgarh has appointed to investigate the infection of WhatsApp with Pegasus spyware has so far found no evidence that the incident can be attributed to India's national government. The discovery of Pegasus on devices belonging to opposition figures, journalists, and activists has led to speculation that it was a government operation. Investigation is ongoing.