Lazarus hackers suspected of targeting Indian space agency

Did Lazarus hackers sabotage India’s moon mission Chandrayaan-2? Unlikely but something was indeed going on.

Chandrayaan-2, the ambitious yet doomed lunar landing mission by the Indian Space Research Organization (ISRO), was supposedly made to fail on purpose by North Korea, claim Indian cyber-security experts. However, ISRO officials have denied that the mission failed due to a malware attack and explained that its systems weren’t affected at all.

It is believed that the infamous North Korean hacker group Lazarus attacked ISRO’s systems around the same time that the organization was trying to send a spacecraft to the moon. Ironically, ISRO was alerted about the suspected malware attack earlier in 2019, but the organization ignored the warning and didn’t take any concrete steps to mitigate the threat.

According to a report from Indian Express, the Kudankulam Nuclear Power Plant (KNPP) in Tamil Nadu was attacked along with ISRO. Analysts assessed that the attack was launched through phishing emails sent to senior officials. The threat was confirmed by the Computer Emergency Response Team, India (CERT-In). Despite the notification, however, ISRO failed to counter the threat.

Yash Kadakia, founder of Indian cyber-security firm Security Bridge, told the Financial Times that the emails were loaded with malware and were sent to at least five government agencies, including KNPP and ISRO.

“They targeted senior officials with emails that had malware attachments relevant to their subject,” Kadakia revealed, adding that if it had been successfully installed, the malware could have easily hijacked the email ID and the hackers could have sent more emails using that ID.

Apparently, ISRO employees opened the infected emails sent by North Korean hackers, and the malware was installed on their systems.

Cyber security experts also claim that Lazarus hackers attacked the government organizations using DTrack malware, which is specifically linked with Lazarus, a group believed to be working for the North Korean government.

This is not the first time Lazarus hackers have been accused of such a large-scale malware attack. In 2018, the infamous group was accused of targeting banking and other financial giants to steal Bitcoin.
