LIVE TV
ZEE Business
ZEE BUSINESS
हिंदी में पढ़ें  हिंदी में पढ़ें
Live TV
Live TV
  • Home
  • Budget 2021
  • Personal Finance
    • PPF
    • Mutual Funds
    • Income tax
    • EPFO
    • Income Tax Calculator
    • Personal Loan Calculator
    • Car Loan Calculator
    • Home Loan Calculator
    • SIP calculator
    • SWP Calculator
    • MF Returns Calculator
    • Lumpsum Calculator
  • India
    • Companies
    • Property
    • Startups
    • Uidai
  • Economy
    • Aviation
  • Tech
    • Mobiles
    • Apps
  • Auto
    • Cars
    • Bikes
  • Markets
    • Commodities
    • Currency
  • Jobs
  • Indian Railways
  • World
    • Economy
    • Politics
    • Markets
  • videos
  • photos
  • Authors
  • More ...
    • VIDEOS
    • PHOTOS
Business News » Technology News

Rare spying platform TajMahal discovered after 5 years

Researchers with cyber security firm Kaspersky Lab have uncovered a sophisticated spying platform, TajMahal, that has been active for more than five years now and appears to be unconnected to any known threat actors.

  • Twitter
  • Facebook
  • Linkedin
  • whatapp
Rare spying platform TajMahal discovered after 5 years
The TajMahal framework features around 80 malicious modules and includes functionality never before seen in an advanced persistent threat. Image source: PTI
Written By: IANS
Updated: Wed, Apr 17, 2019
07:07 am
IANS
RELATED NEWS
Banks under THREAT? This report suggests what they need to do! Banks under THREAT? This report suggests what they need to do!
7 useful tips to protect yourself from cyberattacks 7 useful tips to protect yourself from cyberattacks
'Dharma': This ransomware is attacking small and medium businesses, average loss is Rs 6.4 lakh 'Dharma': This ransomware is attacking small and medium businesses, average loss is Rs 6.4 lakh
Planning to sell stuff on OLX, Quikr? You might be cheated by fraudsters - Don't make these mistakes Planning to sell stuff on OLX, Quikr? You might be cheated by fraudsters - Don't make these mistakes
VVIP just lost WHOPPING Rs 23 lakh from her bank account! Save your money, don't make this mistake VVIP just lost WHOPPING Rs 23 lakh from her bank account! Save your money, don't make this mistake

Researchers with cyber security firm Kaspersky Lab have uncovered a sophisticated spying platform, TajMahal, that has been active for more than five years now and appears to be unconnected to any known threat actors. The TajMahal framework features around 80 malicious modules and includes functionality never before seen in an advanced persistent threat, such as the ability to steal information from printer queues and to grab previously seen files from a USB device the next time it reconnects, the researchers said.

Kaspersky Lab has so far seen only one victim, a foreign-based central Asian embassy, but it is likely that others have been affected.  "It seems highly unlikely that such a huge investment would be undertaken for only one victim. This suggests that there are either further victims not yet identified, or additional versions of this malware in the wild, or possibly both," said Alexey Shulmin, Lead Malware Analyst at Kaspersky Lab.

"The distribution and infection vectors for the threat also remain unknown. Somehow, it has stayed under the radar for over five years. Whether this is due to relative inactivity or something else is another intriguing question. There are no attribution clues nor any links we can find to known threat groups," Shulmin added.

Watch Zee Business Live here:

The name "TajMahal" comes from the name of the file used to exfiltrate the stolen data, Kaspersky Lab said.  The TajMahal framework is believed to include two main packages, self-named as "Tokyo" and "Yokohama".

Tokyo is the smaller of the two, with around three modules. It contains the main backdoor functionality, and periodically connects with the command and control servers. Tokyo leverages PowerShell and remains in the network even after the intrusion has moved to stage two. Stage two is the Yokohama package: a fully armed spying framework. Yokohama includes a Virtual File System (VFS) with all plug-ins, open source and proprietary third-party libraries, and configuration files.

Watch this Zee Business video here:

There are nearly 80 modules in all, and they include loaders, orchestrators, command and control communicators, audio recorders, keyloggers, screen and webcam grabbers, documents and cryptography key stealers.  TajMahal is also able to grab browser cookies, gather the backup list for Apple mobile devices, steal data from a CD burnt by a victim as well as documents in a printer queue, the researchers said.

It can also request the theft of a particular file from a previously seen USB stick, and the file will be stolen the next time the USB is connected to the computer. The targeted systems found by Kaspersky Lab were infected with both Tokyo and Yokohama. This suggests that Tokyo was used as first stage infection, deploying the fully-functional Yokohama package on interesting victims, and then left in for backup purposes.
 

Get Latest Business News, Stock Market Updates and Videos; Check your tax outgo through Income Tax Calculator and save money through our Personal Finance coverage. Check Business Breaking News Live on Zee Business Twitter and Facebook. Subscribe on YouTube.

TAGS:
Cyber attack
RELATED NEWS
Banks under THREAT? This report suggests what they need to do! Banks under THREAT? This report suggests what they need to do!
7 useful tips to protect yourself from cyberattacks 7 useful tips to protect yourself from cyberattacks
'Dharma': This ransomware is attacking small and medium businesses, average loss is Rs 6.4 lakh 'Dharma': This ransomware is attacking small and medium businesses, average loss is Rs 6.4 lakh
Planning to sell stuff on OLX, Quikr? You might be cheated by fraudsters - Don't make these mistakes Planning to sell stuff on OLX, Quikr? You might be cheated by fraudsters - Don't make these mistakes
VVIP just lost WHOPPING Rs 23 lakh from her bank account! Save your money, don't make this mistake VVIP just lost WHOPPING Rs 23 lakh from her bank account! Save your money, don't make this mistake

LATEST NEWS

We are working on Zomato IPO, Info Edge CFO and ED Chintan Thakkar said in chat with Anil Singhvi; wants boost for startups in Budget 2021

Stock Market Outlook with Anil Singhvi – White Oak Capital's Aashish Sommaiyaa talks about trends, Budget 2021 expectations, sectors to watch

LIVE: Maharashtra Gram Panchayat Elections Results: DECLARED for 1.25 lakh candidates! Check latest news, updates here

Budget in A Minute: What is Indirect Tax? Anil Singhvi explains in short and simple terms

High court stays Rajasthan Police Constable recruitment result over this reason| next hearing on January 20

Midcap Picks with Anil Singhvi: Market expert Rajesh Palviya recommended these 3 very strong stocks

PUBG Mobile India relaunch date; FAUG launch details - Here's is all you need to know

Budget 2021 Expectations LIVE: What India Inc. wants from Modi government, Nirmala Sitharaman?

PUBG Mobile India launch tomorrow? Check trailer and other reports and latest updates

GST: Never claim fake Input Tax Credit (ITC) in greed of money, else this will happen - Modi government is watching you!

  • India News
  • World News
  • Companies News
  • Market News
  • Personal Finance News
  • Technology News
  • Automobile News
  • Small Business News
  • Income Tax Calculator
  • Live TV
  • Videos
  • Photos
  • Author
  • Rss Feed
  • Advertise with us
  • Privacy Policy
  • Legal Disclaimer

Latest Trending Updates

  • EPFO
  • Budget 2020
  • Income Tax Return
  • Auto Expo 2020
  • Home Loan
  • Business News

Trending Topics

  • Income Tax
  • income Tax Calculator
  • 7th Pay Commission
  • Reserve Bank of India
  • GST
  • Latest Business News

Follow us on

zeebiz
zeebiz

Partner Sites

  • Zee News
  • Hindi News
  • Marathi News
  • Bengali News
  • Tamil News
  • Malayalam News
  • Gujarati News
  • Telugu News
  • Kannada News
  • DNA
  • WION
Copyright © Zee Media Corporation Ltd. All rights reserved