Technology
'Dtrack' malware detected in 18 states, Maha tops: Kaspersky
New Delhi, Oct 18
Maharashtra is in the top in the list of 18 Indian states where samples of "Dtrack" malware have been detected in financial institutions, raising significant concern for security systems, research by Russia-based cyber security firm Kaspersky revealed.
The maximum 'Dtrack' samples were found in Maharashtra (24 per cent) followed by Karnataka (18.5 per cent) and Telangana (12 per cent), said Kaspersky.
The other infected states include West Bengal, Uttar Pradesh, Tamil Nadu, Delhi and Kerala, said the firm, explaining that Dtrack is a spy tool which had been spotted in Indian financial institutions and research centres last year.
Marking the security concerns, the firm said that the newly-discovered malware is "active and based on Kaspersky telemetry", and is still used in "cyber attacks".
The firm said that its researchers in 2018 discovered "ATMDtrack"-- a malware created to infiltrate Indian Automated Teller Machines (ATMs) and steal customer card data.
"Following further investigation using the Kaspersky Attribution Engine and other tools, the researchers found more than 180 new malware samples which had code sequence similarties with the ATMDtrack - but at the same time clearly were not aimed at ATMs," Kaspersky said.
"Instead their list of functions defined them as spy tools - now known as Dtrack."
Moreover, not only did the two strains share similarities with each other, but also with the 2013 Dark Seoul campaign which was attributed to Lazarus - an infamous advanced persistent threat actor responsible for multiple cyberespionage and cyber sabotage operations, Kaspersky said.
As per the firm, Dtrack can be used as Remote Admin Tool (RAT), giving threat actors complete control over infected devices. "Criminals can then perform different operations, such as uploading and downloading files and executing key processes."
Saurabh Sharma, Senior Security Researcher Global Research and Analysis Team (GReAT), Kaspersky (APAC), said: "Although we have seen the number of local threats in India decreasing in the last quarter compared to last year, the country is still consistently ranked as top 10 countries in Kaspersky's Cybermap Real Time Threat."
"This shows that India still needs to continue increasing its cyber security efforts, and the advanced persistent threat attack highlights the importance of investigating in threat landscape intelligence."
To avoid being affected by the malware such as Dtrack RAT, Kaspersky recommended to tighten their network and password policies as well as perform regular security audit of an organisation's IT infrastructure.
The firm also suggests to conduct regular security training sessions for staff, use traffic monitoring software such as Kaspersky Anti Targeted Attack Platform (KATA) and use anti-virus solutions.
Explaining about Dtrack, Kaspersky's Security Researcher Konstantin Zykov, in a recent event in Delhi, had said: "The large amount of Dtrack samples we found demonstrated that Lazarus is one of the most active APT (Advanced Persistent Threat) groups, constantly developing and evolving threats in a bid to affect large-scale industries and seeking to evade detection."
"Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets."
Founded in 1997, Kaspersky said its deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.
Informing that its comprehensive security portfolio includes leading endpoint protection and a number of specialised security solutions and services to fight sophisticated and evolving digital threats, Kaspersky said it protects over 400 million users through its technologies and help 2.70 lakh corporate clients protect what matters most to them.
The maximum 'Dtrack' samples were found in Maharashtra (24 per cent) followed by Karnataka (18.5 per cent) and Telangana (12 per cent), said Kaspersky.
The other infected states include West Bengal, Uttar Pradesh, Tamil Nadu, Delhi and Kerala, said the firm, explaining that Dtrack is a spy tool which had been spotted in Indian financial institutions and research centres last year.
Marking the security concerns, the firm said that the newly-discovered malware is "active and based on Kaspersky telemetry", and is still used in "cyber attacks".
The firm said that its researchers in 2018 discovered "ATMDtrack"-- a malware created to infiltrate Indian Automated Teller Machines (ATMs) and steal customer card data.
"Following further investigation using the Kaspersky Attribution Engine and other tools, the researchers found more than 180 new malware samples which had code sequence similarties with the ATMDtrack - but at the same time clearly were not aimed at ATMs," Kaspersky said.
"Instead their list of functions defined them as spy tools - now known as Dtrack."
Moreover, not only did the two strains share similarities with each other, but also with the 2013 Dark Seoul campaign which was attributed to Lazarus - an infamous advanced persistent threat actor responsible for multiple cyberespionage and cyber sabotage operations, Kaspersky said.
As per the firm, Dtrack can be used as Remote Admin Tool (RAT), giving threat actors complete control over infected devices. "Criminals can then perform different operations, such as uploading and downloading files and executing key processes."
Saurabh Sharma, Senior Security Researcher Global Research and Analysis Team (GReAT), Kaspersky (APAC), said: "Although we have seen the number of local threats in India decreasing in the last quarter compared to last year, the country is still consistently ranked as top 10 countries in Kaspersky's Cybermap Real Time Threat."
"This shows that India still needs to continue increasing its cyber security efforts, and the advanced persistent threat attack highlights the importance of investigating in threat landscape intelligence."
To avoid being affected by the malware such as Dtrack RAT, Kaspersky recommended to tighten their network and password policies as well as perform regular security audit of an organisation's IT infrastructure.
The firm also suggests to conduct regular security training sessions for staff, use traffic monitoring software such as Kaspersky Anti Targeted Attack Platform (KATA) and use anti-virus solutions.
Explaining about Dtrack, Kaspersky's Security Researcher Konstantin Zykov, in a recent event in Delhi, had said: "The large amount of Dtrack samples we found demonstrated that Lazarus is one of the most active APT (Advanced Persistent Threat) groups, constantly developing and evolving threats in a bid to affect large-scale industries and seeking to evade detection."
"Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets."
Founded in 1997, Kaspersky said its deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.
Informing that its comprehensive security portfolio includes leading endpoint protection and a number of specialised security solutions and services to fight sophisticated and evolving digital threats, Kaspersky said it protects over 400 million users through its technologies and help 2.70 lakh corporate clients protect what matters most to them.
16 hours ago
Indian American Pavan Davuluri Appointed Head of Windows and Surface Devices Teams by Microsoft
16 hours ago
The H-1B lottery will be held by USCIS, and initial registration is closed.
17 hours ago
On International Women's Day, Malabar Gold and Diamonds celebrates with the Indian Women's Club of Northshore, Illinois.
17 hours ago
Rights organizations unite to condemn the surge of Hindu supremacy in the US
18 hours ago
'Unacceptable, unwarranted': India again slams US' remarks on Arvind Kejriwal
18 hours ago
Kerala CPI-M legends' tombs vandalised in Kannur, probe launched
18 hours ago
The journey of Supreme Court and India’s fundamental rights has been a constant struggle: SG Tushar Mehta
20 hours ago
Mumbai doctors save micro-preemie baby born at 23 weeks weighing 620 grams
20 hours ago
New AI tool can predict fatal heart rhythm with 80 pc accuracy
20 hours ago
South Korea to bar intern doctors if they don't register for jobs
20 hours ago
Smart TV shipments drop 16 pc as premium TVs drive growth in India: Report
20 hours ago
New paper-based device to make on-spot glucose testing using smartphone
20 hours ago
Only 4 pc of Indian firms are 'mature' to tackle modern cyber attacks: Report