We’re already aware that data breaches are on a constant rise these days. Hackers are making use of stealthy creative ways to get access to our sensitive data. Kaspersky, a Russia-based cybersecurity firm, revealed recently that it has discovered samples of ‘Dtrack’ malware from enterprises across Indian states including Maharashtra, Karnataka and Telangana, according to a report by IANS.
SEE ALSO: Researchers Uncover Hack Attack That Uses WAV Audio Files To Hide Malicious Code
The Dtrack malware is kind of a spy tool that can be used as a remote admin tool (RAT) by hackers to easily get access to sensitive data of these financial institutions. According to Kaspersky, a majority of these 'Dtrack' samples were found in Maharashtra (24 per cent) followed by Karnataka (18.5 per cent) and Telangana (12 per cent). Other states that have been infected by this malware includes West Bengal, Uttar Pradesh, Tamil Nadu, Delhi and Kerala. In fact, this malware is still active and is being used in various cyber attacks.
"The large amount of Dtrack samples we found demonstrated that Lazarus is one of the most active APT (Advanced Persistent Threat) groups, constantly developing and evolving threats in a bid to affect large-scale industries and seeking to evade detection. Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets,” said Konstantin Zykov, Kaspersky’s Security Researcher.
SEE ALSO: WhatsApp Security Flaw Could Let Hackers Manipulate Messages
Researchers at Kaspersky had also uncovered "ATMDtrack" back in 2018, a malware that invades the Indian Automated Teller Machines (ATMs) and steal customer card data. "Following further investigation using the Kaspersky Attribution Engine and other tools, the researchers found more than 180 new malware samples which had code sequence similarities with the ATMDtrack - but at the same time clearly were not aimed at ATMs," Kaspersky told IANS.
If Indian enterprises wants to mitigate any attacks by this malware, Kaspersky recommends securing their network with strong password policies and regular security audit checkups of these firms’ IT infrastructure. Furthermore, regular security training sessions should be conducted for staff along with the use of traffic monitoring software.
Gloss