A Spyware in ATM Machines and Company Servers Can Steal Your Money and Data
According to Kaspersky researcher Konstantin Zykov, the tool is an evolution of the older ATMDtrack tool created by the cybercrime consortium Lazarus.
Cybersecurity firm Kaspersky has reported the discovery of a new spyware tool that seemingly affects a large number of Indian firms in the financial and research space. The tool, which is called Dtrack, is an evolution of a previously reported tool, ATMDtrack, which was said to be in widespread use to target automated teller machines (ATMs) across India. With a code sequence that is identical to the latter financial theft tool, Dtrack is now believed to be actively targeting a large number of Indian institutions, in order to steal confidential data, personal details of employees and closed conversations, as well as remotely downloading malicious tools, tracking key logs and monitoring IP (internet protocol) traffic.
The operation of the Dtrack espionage and theft tool, according to Kaspersky security researcher Konstantin Zykov, is a rather unusual one for a coordinated cybercrime group such as Lazarus, which is suspected to be a state-sponsored entity. Touching upon this, Zykov states, “It focuses on conducting cyber espionage or sabotage operations. Yet, it has also been found to influence attacks that are clearly aimed at stealing money. The latter is quite unique for such a high profile threat actor because generally, other actors do not have financial motivations in their operations.”
However, Zykov believes that these characteristics make the Lazarus group’s operation of the Dtrack remote access tool even more dangerous. He says, “The vast amount of Dtrack samples we found demonstrate how Lazarus is one of the most active APT groups, constantly developing and evolving threats in a bid to affect large-scale industries. Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets.”
While Kaspersky has not disclosed the identity of any affected entity, the company says that the firms in question typically have “weak network security policies and password standards, while also failing to track traffic across the organization.” This would seemingly cover a large number of companies, which often fail to prioritise cybersecurity as an area of investment, due to budget constraints and lack of initiatives.