Security News > 2022 > November > North Korean Hackers Targeting Europe and Latin America with Updated DTrack Backdoor
Hackers tied to the North Korean government have been observed using an updated version of a backdoor known as Dtrack targeting a wide range of industries in Germany, Brazil, India, Italy, Mexico, Switzerland, Saudi Arabia, Turkey and the U.S. "Dtrack allows criminals to upload, download, start or delete files on the victim host," Kaspersky researchers Konstantin Zykov and Jornt van der Wiel said in a report.
Discovered in September 2019, the malware has been previously deployed in a cyber attack aimed at a nuclear power plant in India, with more recent intrusions using Dtrack as part of Maui ransomware attacks.
Industrial cybersecurity company Dragos attributed the nuclear facility attack to a threat actor it calls WASSONITE, pointing out the use of Dtrack for remote access to the compromised network.
Chief among the modules downloaded through Dtrack is a keylogger as well as tools to capture screenshots and gather system information.
"The Dtrack backdoor continues to be used actively by the Lazarus group," the researchers concluded.
"Modifications in the way the malware is packed show that Lazarus still sees Dtrack as an important asset."
News URL
https://thehackernews.com/2022/11/north-korean-hackers-targeting-europe.html
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- North Korean hackers pave the way for Play ransomware (source)
- North Korean hackers employ new tactics to compromise crypto-related businesses (source)
- North Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOS (source)
- North Korean hackers use new macOS malware against crypto firms (source)
- North Korean Hackers Target macOS Using Flutter-Embedded Malware (source)
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)