Was Hack on Indian Nuclear Plant Used to Test Cyber Intrusion Abilities?

The Nuclear Power Corporation of India has confirmed the discovery of malware on its network. According to a statement, the infection was found on a central computer that was not connected to the more sensitive internal systems.

Cybersecurity experts have linked the malicious code to North Korea’s Lazarus Group. The hacker unit uses a range of attack vectors to steal funds for the administration. Pukhraj Singh, a former researcher at India’s National Technical Research Organization (NTRO), indicated via social media that the malware could be traced back to a recent VirusTotal finding.

The malware is known as Dtrack, and the version uploaded to the platform was specifically coded to target the institution’s IT infrastructure. An analysis of the sample reveals that it was set up to collect data on the facility’s network. This version relies on Windows SMB protocol file-sharing permissions to bypass security systems.

Dtrack is primarily configured as spyware and can collect keystrokes, list available files, and record browser history. It can additionally download other malware payloads.

There are numerous strains of Dtrack malware in the wild. Investigators recently stumbled upon a bunch of them on Indian ATMs. They were programmed to read user card information.

Questions pertaining to the latest attack on industrial systems linger because the Lazarus Group does not typically target such systems. Its most notable hacking campaigns have been tied to major crypto heists, some of which have led to hundreds of millions in losses.

Lazarus Hacker Unit Has Been Tied to Some Major Heists

The Lazarus hacker unit is said to be sponsored by the North Korean regime. It is tasked with finding loopholes on computer networks to steal funds, mine cryptocurrencies, and spy on foreign administrations.

The syndicate is believed to have been behind the audacious 2016 Bangladesh bank heist, which led to a loss of over $81 million. Its hackers were able to find loopholes in the SWIFT…
