CERT-In issues alert against LuaDream info-stealing malware
The Hindu
CERT-In warns of info-stealing malware LuaDream used by threat actor Sandman. It targets telecoms sector in multiple regions, with potential data theft and further attacks. It uses stolen admin credentials to gain access to networks and manage plugins for execution.
India’s Computer Emergency Response Team (CERT-In) has issued an alert for a newly surfaced info-stealing malware, named LuaDream.
The malware, used by a previously unknown threat actor tagged as Sandman, is capable of collecting user data, including IP addresses, OS information and more. It targets the telecommunications sector in various regions, with reported use in the Middle East, Western Europe, and South Asia. The malware poses significant risks, including potential data theft that can be used to launch further attacks.
LuaDream is a multi-component backdoor malware with capabilities to manage plugins, exfiltrate system data and steal user data through multiple protocols, CERT-In shared in a blog post.
The operational style of Sandman is to evade detection by keeping a low profile while moving laterally within breached systems to maximise its cyberespionage operations.
Threat actors first gain access to a corporate network using stolen administrative credentials, through “pass-the-hash” attacks that authenticate to remote services by extracting and reusing NTLM hashes stored in memory, SentinelLabs said in a blog post.
Threat actors are known to use malware to steal admin credentials in order to gain access to the network of the target organization. From there, they collect data and manage plugins for execution on target systems, which opens the door to a range of potential adverse outcomes. The plugins can reportedly give threat actors the ability to execute commands on the compromised device.