HYDERABAD: Cybersecurity researchers from Kaspersky have detected samples of a newly-discovered spying tool called Dtrack -- majorly from Telangana, Maharashtra and Karnataka. The previously-unknown spytool has been affecting the country’s financial institutions and research centres said Kaspersky.
According to the Russian antivirus company, Maharashtra has been the most hit with 24 per cent of Dtrack samples, followed by Karnataka (18.5 per cent), and then Telangana (12 per cent). The other affected States include West Bengal, Uttar Pradesh, Tamil Nadu, Delhi and Kerala.
Kaspersky researchers chanced upon Dtrack while working on ATMDtrack, which is a piece of banking malware that has been targeting the country’s banks. ATMDtrack is designed to be planted on the victims’ ATMs, where it could read and store the data of cards that were inserted into the machines.
On further investigation, they found more than 180 new malware samples that had similarities with ATMDtrack, but were not aimed at ATMs. Their functions defined them as spy tools, now known as Dtrack. The researchers also found similarities with the coding of Dtrack with malwares used by Lazarus — which is an advanced persistent threat (APT) actor responsible for multiple cyber espionage and cyber sabotage operations, said Kaspersky.
While speaking about this at a recent event in Delhi, Kaspersky’s security researcher Konstantin Zykov said, “The large amount of Dtrack samples we found demonstrate that Lazarus is constantly developing and evolving its threats to affect large-scale industries, while seeking to evade detection. The successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets.” Saurabh Sharma, senior security researcher of Global Research and Analysis Team, Kaspersky APAC, said: “This shows that India needs to continue its efforts towards cybersecurity. The APT attack highlights the importance of investing in threat landscape intelligence.”