Kaspersky Detects Lazarus-Controlled Servers in India

Kaspersky Detects Lazarus-Controlled Servers in India
Highlights
  • Kaspersky has detected some servers in India that were used by Lazarus
  • Lazarus is notoriously famous for large scale cyber-attacks
  • Kaspersky Lab uncovered a number of compromised servers

IT security software maker Kaspersky has detected some servers in India that were used by notorious cyber criminal gang Lazarus which is believed to be behind large scale cyber-attacks across the world including recent WannaCry ransomware.

While researching the latest activities of the infamous cyber criminal group Lazarus, Kaspersky Lab has uncovered a number of compromised servers being used as part of the threat actor's global command and control infrastructure, the software company said.

"The compromised servers, found in Indonesia, India, Bangladesh, Malaysia, Vietnam, South Korea, Taiwan, and Thailand, among others, could be used by Lazarus to launch targeted attacks against a company or organisation," Kaspersky Lab said in a statement.

Korean speaking Lazarus group is believed to be behind recent high profile cyber-attacks like the 2014 hack of Sony Pictures, the million-dollar Bangladesh Bank heist in 2016, and the recent WannaCry destructive ransomware epidemic, as per the statement.

The criminal group by name of Guardians of Peace had claimed responsibility on Sony Pictures. It had demanded Sony to pull down film 'The Interview' which was a comedy about a plot to assassinate North Korean leader Kim Jong-un.

Kaspersky said that Lazarus which is also Korean speaking group "is thought to be state-sponsored".

The US, China and India are top three countries housing maximum number of compromised servers, the Kaspersky Lab report said.

"According to open source intelligence, three of the top five countries that still have servers carrying this vulnerability are in the APAC region: China (with 7,848), India (1,524), and Hong Kong (1,102). The US tops the list with the most vulnerable servers (11,949), while United Kingdom ranks 5th with 805," the report said.

Kaspersky Lab said that researchers have discovered that the servers had been infected using malware called Manuscrypt, which could have been installed using a vulnerability in Microsoft Internet Information Services that was patched by Microsoft on June 13, 2017.

Comments

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

Super Mario Odyssey on Nintendo Switch: Release Date and Time, Kingdoms, and Everything You Need to Know
HTC U11 Plus Spotted on Certification Site Ahead of November 2 Launch
Share on Facebook Tweet Snapchat Share Reddit Comment
 
 

Advertisement

Advertisement

© Copyright Red Pixels Ventures Limited 2022. All rights reserved.