Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 21:46:50 UTC
Home > List all groups > List all tools > List all groups using tool ATMDtrack
 Tool: ATMDtrack
Names ATMDtrack
Category Malware
Type ATM malware, Backdoor
Description
(Kaspersky) Our investigation into the Dtrack RAT actually began with a different activity. In
the late summer of 2018, we discovered ATMDtrack, a piece of banking malware targeting
Indian banks. Further analysis showed that the malware was designed to be planted on the
victim’s ATMs, where it could read and store the data of cards that were inserted into the
machines. Naturally, we wanted to know more about that ATM malware, so we used YARA
and Kaspersky Attribution Engine to uncover more interesting material: over 180 new
malware samples of a spy tool that we now call Dtrack.
Information Last change to this tool card: 20 April 2020
Download this tool card in JSON format
All groups using tool ATMDtrack
Changed Name Country Observed
APT groups
 Lazarus Group, Hidden Cobra, Labyrinth Chollima 2007-May 2025
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=b809888d-f063-4b81-8f67-2cc4f9591165
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=b809888d-f063-4b81-8f67-2cc4f9591165
Page 1 of 1