In the riveting first season of The Lazarus Heist, the Peabody-nominated BBC World Service podcast, we heard how cyber criminals hacked into the private correspondence of workers at Sony Pictures in 2014 and leaked it online. The hackers were alleged to have been working from North Korea and visiting revenge on Sony for The Interview, the Seth Rogen film that imagined the assassination of the North Korean leader Kim Jong Un. (Pyongyang officials have denied involvement and accused the US of trying to tarnish their country’s image.)
Given the outlandish nature of the story, which subsequently took in counterfeit currency and an audacious bank heist in Bangladesh, the podcast seemed like a one-off. But the Lazarus Group, the name under which this shadowy cyber crime collective operates, turns out to be a vast and many-headed beast which continues to find new and ingenious ways to wreak havoc. So now we have a second season, bringing with it an outré tale of a global heist worth $2.1bn and spanning 28 countries.
The series is once again hosted by Jean Lee, who opened the first and only US news bureau in North Korea, and Geoff White, a journalist specialising in tech and organised crime. At the centre of this new story is jackpotting, a practice that uses malware to control ATM machines. Long before the rise of the Lazarus Group, banks had been warned by the late security expert Barnaby Jack that cash machines were vulnerable to interference — the series opens with audio of a 2010 tech conference in which Jack wheeled an ATM on stage and, using his laptop, made it spew hundreds of fake banknotes. And so it came to pass in 2018 when so-called “money mules”, allegedly recruited by the Lazarus Group, visited 12,000 cashpoints across the world and, in the course of two hours, enacted a carefully co-ordinated international jackpotting spree. It’s with a clear note of admiration that White calls the operation “an extraordinary global flash-mob of crime”.
The opening episodes dig deep into how this complex heist was pulled off. We learn about the intricacies of banking systems, how law enforcement officials pieced together the scale of the crime and the machinations of the dark web. If the storytelling sometimes gets bogged down in detail — I began to zone out during a breakdown of the workings of cash machine software — the series comes with a remarkable cast of characters including a Versace-loving influencer named Hushpuppi, who was jailed last year for money laundering, and a dark web fraudster hilariously known as Big Boss. This is the kind of story that would make a terrific Hollywood movie, though that would probably be asking for trouble.
For further tales of online skulduggery, Hacking Humans is a surprisingly fun and accessible series on cyber crime. Hosted by Dave Bittner and Joe Carrigan, it covers everything from identity theft, phishing scams and ransomware attacks to AI and deepfakes.
