Cybersecurity solutions provider Kaspersky on Friday said it has discovered samples of ‘Dtrack’ – which comprises a set of tools that allow access to data from enterprises – across Indian states including Maharashtra, Karnataka and Telangana.
Last month, Kaspersky discovered ‘ATMDtrack’ – a banking malware that was targeting ATMs in India to steal customers’ card data.
“Following further analysis using Kaspersky Attribution Engine and other tools, the researchers found over 180 new malware samples that had code sequence similarities with ATMDtrack. However, these were clearly not aimed at ATMs and instead their list of functions defined them as spy tools – now known as Dtrack,” Konstantin Zykov, Security Researcher at Kaspersky’s Global Research and Analysis Team, told reporters here.
He added that there were also similarities with Lazarus Group’s 2013 DarkSeoul campaign.
“The Dtrack samples were detected from as many as 18 states in India, where 24 per cent were found in Maharashtra, followed by Karnataka (18.5 per cent) and Telangana (12 per cent). The other main infected states include West Bengal, Uttar Pradesh, Tamil Nadu, Delhi and Kerala,” he said.
Kaspersky did not disclose details of entities that may have faced such attacks.
Dtrack can be used as a remote admin tool (RAT), giving threat actors control over infected devices.
To protect themselves against such attacks, enterprises should tighten their network and password policies, perform regular security audits, train employees on security, and monitor traffic for unusual activity.
They should also use security solutions and update them with the latest patches. PTI SR