Diplomacyindia.com


Malware stealing ATM card details of Indians traced to N.Korea

September 23, 2019, 19:36

New Delhi, Sep 23: Malware created to infiltrate Indian ATMs and steal customers’ card data has been traced to the Lazarus Group, which is controlled by the Reconnaissance General Bureau, North Korea’s primary intelligence bureau.

The Lazarus Group’s activities were widely reported after it was blamed for the 2014 cyber attack on Sony Pictures Entertainment and the 2017 WannaCry ransomware attack on countries including the US and Britain.

It is one of the three entities that the US sanctioned earlier this month.

“Lazarus is a rather unusual nation state sponsored group. On one hand, as many other similar groups do, it focuses on conducting cyberespionage or sabotage operations. Yet on the other hand, it has also been found to influence attacks that are clearly aimed at stealing money,” said Konstantin Zykov, Security Researcher at Kaspersky’s Global Research and Analysis Team.

Kaspersky researchers discovered ATMDtrack, a piece of banking malware targeting Indian banks in 2018. Further analysis showed that the malware was designed to be planted on the victim’s ATMs, where it could read and store the data of cards that were inserted into the machines.

Following further investigation, the researchers found more than 180 new malware samples that had code sequence similarities with ATMDtrack but were clearly not aimed at ATMs. Instead, their list of functions defined them as spy tools, now known as “Dtrack”.

Spotted in Indian financial institutions and research centres, the Dtrack spyware is being used to upload and download files to the victims’ systems, record keystrokes and conduct other actions typical of a malicious remote administration tool (RAT), Kaspersky researchers found.

Dtrack can be used as a remote administration tool, giving threat actors complete control over infected devices. Criminals can then perform different operations, such as uploading and downloading files and executing key processes.

Entities targeted by threat actors using the Dtrack remote administration tool often have weak network security policies and password standards, while also failing to track traffic across the organisation, Kaspersky said.

If successfully implemented, the spyware can list all available files and running processes, and collect keylogging data, browser history and host IP addresses, including information about available networks and active connections.

This newly discovered malware is active and is still used in cyberattacks, Kaspersky warned.

“The vast amount of Dtrack samples we found demonstrate how Lazarus is one of the most active APT (advanced persistent threat) groups, constantly developing and evolving threats in a bid to affect large-scale industries,” Zykov said.

“Their successful execution of Dtrack RAT proves that even when a threat seems to disappear, it can be resurrected in a different guise to attack new targets.”

To avoid being affected by malware such as the Dtrack RAT, Kaspersky recommends using traffic monitoring software, adopting proven security solutions equipped with behaviour-based detection technologies, performing regular security audits of an organisation’s IT infrastructure, and conducting regular security training sessions for staff, among others.

In one of the largest data breaches in India’s banking system, an estimated 3.2 million debit cards issued by various public or private banks were affected in 2016.

The debit cards were compromised between May 21 and July 11, 2016. The breach was caused by a malware injection in the Hitachi Payment Services’ systems. The breach occurred on Yes Bank’s ATM network managed by Hitachi, an investigation found.

Image Courtesy : Forbes.com
