North Korean malware found at Indian nuclear plant

Suspicion of an attack was already circulating in the last days of October. Just a couple of days later, Nuclear Power Corporation of India Ltd (NPCIL) acknowledged the breach. The attack was probably carried out by North Korea, as the malware was developed by North Korean hackers.

Kudankulam Nuclear Power Plant (KNPP), India’s largest nuclear power plant, located in Tamil Nadu, was the victim of this attack. The research team said that the malware was specifically designed for KNPP’s internal network. The malware’s code revealed that credentials were hardcoded into it.

Security researchers from across the globe identified this malware as a part or version of the DTrack Trojan. This Trojan was developed by North Korea’s top hacking group. Accusations of an attack were already being made, but a few days later NPCIL, the parent company of KNPP, released a statement confirming the attack on KNPP’s internal network.

NPCIL further added that the malware did not reach its critical internal network, which controls the power plant reactors. The two networks were isolated, NPCIL said.

Kaspersky has already been observing and studying several malware attacks, including the infamous North Korean DTrack malware. The Russian company said that the features of the malware are not very harmful in nature. They include keylogging, gathering IP information and active networks, accessing browser history, etc.

Another version of the DTrack malware, named ATMDtrack, was developed to target ATMs of Indian banks. Attacks on Indian bank ATMs were also confirmed by several security research companies in September 2019.

It is evident from its features that this type of malware is generally used for reconnaissance and for later dropping other malware. These attacks are mostly politically motivated. Most attacks by North Korea are carried out on banks and cryptocurrency exchanges to raise funds for its various programs. North Korea also tries to locate or monitor citizens who have fled the country.

Jai Singh