Friday , November 15 2019
Home / Hot Topics / Security / Kaspersky Spotted A New Spy Tool Dtrack in Top 3 States of India

Kaspersky Spotted A New Spy Tool Dtrack in Top 3 States of India

In 2018, Kaspersky researchers discovered ATMDtrack – malware created to infiltrate Indian ATMs and steal customer card data. Following further investigation using the Kaspersky Attribution Engine and other tools, the researchers found more than 180 new malware samples which had code sequence similarities with the ATMDtrack – but at the same time clearly were not aimed at ATMs. Instead their list of functions defined them as spy tools – now known as Dtrack. Moreover, not only did the two strains share similarities with each other, but also with the 2013 DarkSeoul campaign which was attributed to Lazarus – an infamous advanced persistence threat actor responsible for multiple cyberespionage and cyber sabotage operations.

The Dtrack samples were detected from as many as 18 states in India, where 24% were found in Maharashtra, followed by Karnataka (18.5%) and Telangana (12%). The other main infected states include West Bengal, Uttar Pradesh, Tamil Nadu, Delhi, Kerala.

Dtrack can be used as a remote admin tool (RAT), giving threat actors complete control over infected devices. Criminals can then perform different operations, such as uploading and downloading files and executing key processes.

The event saw Mr. Konstantin Zykov, Security Researcher at Kaspersky’s Global Research and Analysis Team, Kaspersky explaining about Dtrack, “The large amount of Dtrack samples we found demonstrate that Lazarus is one of the most active APT groups, constantly developing and evolving threats in a bid to affect large-scale industries and seeking to evade detection. Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets.”

Saurabh Sharma, Senior Security Researcher (GReAT), Kaspersky (APAC), said, “Although we have seen the number of local threats in India have decreased in the last quarter comparatively to last year, India is still consistently ranked as Top 10 countries in Kaspersky’s Cybermap Real Time Threat. This shows that India still needs to continue increasing its cyber security efforts, and the advanced persistent threat attack highlights the importance of investing in threat landscape intelligence.”

The newly discovered malware is active and based on Kaspersky telemetry, and is still used in cyberattacks. For further information visit Securelist.com

To avoid being affected by malware, such as Dtrack RAT, Kaspersky recommends: 

  • Tightening their network and password policies,
  • Performing regular security audit of an organization’s IT infrastructure
  • Conducting regular security training sessions for staff
  • Use traffic monitoring software, such as Kaspersky Anti Targeted Attack Platform (KATA)
  • Use antivirus solutions

About Rajeev Ranjan

Rajeev has witnessed the growth of technology across all verticals since he started his career in journalism. With a vast experience of almost 11 years in the technology market in India, he has worked closely with the industry leaders and has been part of this revolution in IT & communication market in India. He started his career as an entrepreneur in 2009 in the technology world. Currently, he is Director of News Dot Media Pvt. Ltd., Chief Editor for Digital Terminal (Magazine & Online) & Telecomtoday.in  

Check Also

SecuraShield Launches AV Pro Cloud Premium to Combat the Advanced Threats

SecuraShield recently announced the launch of AV Pro Cloud Premium. SecuraShield AV Pro Cloud Premium ...

Leave a Reply

Your email address will not be published. Required fields are marked *