Lazarus Group May Have Hacked Indian Nuclear Power Plant

Silviu STAHIE

October 31, 2019

Authorities from the Nuclear Power Corporation of India Limited (NPCIL) have admitted that malware, believed to originate from the Lazarus Group, infected the administrative network of the Kudankulam Nuclear Power Plant.

Initial reports about possible problems with the Kudankulam Nuclear Power Plant (KKNPP) surfaced a couple of days ago when a researcher who used to work for India’s National Technical Research Organization (NTRO) made the connection by using published results from VirusTotal. Now, the NPCIL has admitted that intruders had access to an administrative network.

Pukhraj Singh, the researcher who discovered the intrusion, referred to the event as casus belli, a Latin term used to describe an act of war. Talking with Ars Technica, Singh explained that he called the event an act of war because of a second target, which he also reported to the government but didn’t want to name publicly.

“Indication of malware in the NPCIL system is correct,” said NPCIL Associate Director A. K. Nema in a communique. “The matter was conveyed by CERT-in when it was noticed by them on September 4, 2019. The matter was immediately investigated by DAE specialists.”

“The investigation revealed that the infected PC belonged to a user who was connected to an Internet-connected network used for administrative purposes. This is isolated from the critical internal network. The networks are being continuously monitored.”

The attackers used malware called DTrack, which is a tool commonly employed by the Lazarus Group, a North Korean state actor. The fact that the intrusion was found accidentally could mean the hackers didn’t want to make their presence known. It’s unclear whether any information was stolen, and there’s no indication of what the second target might be.

Photo credit: Corporate Photographer Fredography
