A ‘Taj Mahal’ warning for you

Date:

Before Article Content · 728×90
Advertise Here

Trending

- Advertisement -

Researchers with cyber security firm Kaspersky Lab have uncovered a sophisticated spying platform, TajMahal, that has been active for more than five years now and appears to be unconnected to any known threat actors.

The TajMahal framework features around 80 malicious modules and includes functionality is never before seen in an advanced persistent threat, such as the ability to steal information from printer queues and to grab previously seen files from a USB device the next time it reconnects, the researchers said.

Kaspersky Lab has so far seen only one victim, a foreign-based central Asian embassy, but it is likely that others have been affected.

“It seems highly unlikely that such a huge investment would be undertaken for only one victim. This suggests that there are either further victims not yet identified, or additional versions of this malware in the wild, or possibly both,” said Alexey Shulmin, Lead Malware Analyst at Kaspersky Lab.

“The distribution and infection vectors for the threat also remain unknown. Somehow, it has stayed under the radar for over five years. Whether this is due to relative inactivity or something else is another intriguing question. There are no attribution clues nor any links we can find to known threat groups,” Shulmin added.

- Advertisement -

The name “TajMahal” comes from the name of the file used to exfiltrate the stolen data, Kaspersky Lab said.

The TajMahal framework is believed to include two main packages, self-named as “Tokyo” and “Yokohama”.

Tokyo is the smaller of the two, with around three modules. It contains the main backdoor functionality, and periodically connects with the command and control servers. Tokyo leverages PowerShell and remains in the network even after the intrusion has moved to stage two.

Stage two is the Yokohama package: a fully armed spying framework. Yokohama includes a Virtual File System (VFS) with all plug-ins, open source and proprietary third-party libraries, and configuration files. There are nearly 80 modules in all, and they include loaders, orchestrators, command and control communicators, audio recorders, keyloggers, screen and webcam grabbers, documents and cryptography key stealers.

- Advertisement -

TajMahal is also able to grab browser cookies, gather the backup list for Apple mobile devices, steal data from a CD burnt by a victim as well as documents in a printer queue, the researchers said.

It can also request the theft of a particular file from a previously seen USB stick, and the file will be stolen the next time the USB is connected to the computer.

The targeted systems found by Kaspersky Lab were infected with both Tokyo and Yokohama. This suggests that Tokyo was used as first stage infection, deploying the fully-functional Yokohama package on interesting victims, and then left in for backup purposes.

Stay ahead of the curve, every day.

A daily briefing covering news, interviews, and the trends driving the world forward. Curated for readers who want news, not noise.

We don’t spam! Read our privacy policy for more info.

- Advertisement -
Krishna Mali
Krishna Mali
Founder & Group Editor of TechGraph.

More Latest Stories

More Articles

StationPC PA100 Pro: The Next-Gen Portable NAS Storage Solution for On-the-Go Professionals

The next-generation PocketCloud (model: PA100 Pro) portable NAS from StationPC has officially been unveiled, following its launch on June 30, 2026. Positioned as a...

The Borderless Startup: FinStackk CGO Nithin Reddy on Simplifying Financial Operations for Global Founders

Speaking with TechGraph, Nithin Reddy, Co-founder & Chief Growth Officer at FinStackk, discussed how incorporating a business in the US has become increasingly accessible for global startups, while managing financial operations and regulatory compliance across fragmented systems continues to create operational complexity, and how...

The New Collateral in Lending Isn’t an Asset; It’s a Citizen’s Consent

Old habits die hard, and few habits in Indian finance have died harder than...

Why Do Most Enterprise AI Projects Never Make It Past the Pilot Stage?

Conceiving, developing, and implementing AI projects an optimum mix of creativity, dedication, and perseverance.

The Responsiveness Economy: DashLoc’s Sumit Singh on Redefining Customer Conversations with AI

Speaking with TechGraph, Sumit Singh, Co-Founder & CEO of DashLoc, discussed how businesses are...

How Generative AI Could Reshape Airline Distribution and Travel Retailing

Airline distribution is entering a new phase. For decades, the industry has relied on...

AI That Serves: Impact AI Foundry’s Arjun Balaji on Making Artificial Intelligence Accessible for Nonprofits

Speaking with TechGraph, Arjun Balaji, Co-Founder and Programme Director of Impact AI Foundry, discussed...

How AI Is Building India’s Next-Generation Emergency Mobility Infrastructure

Imagine this. A customer is stranded on the roadside due to a vehicle breakdown...

How Mixed-Use Ecosystems Will Shape the Next Decade of Urban India

India's urban growth story is entering a decisive phase. By 2036, nearly 600 million Indians are expected to live in urban centres, which are...

Human-in-the-Loop: Why AI in Education Still Needs the Professor

Generative AI is rapidly entering classrooms, boardrooms, and training programs. Yet a critical question...

Why Indian Men Are Quietly Moving Away From Fast Fashion

When a man opens his wardrobe, stares at a rail of clothes, and realises...

Simple Habits That Keep Your Car Running Longer

Keeping your car running longer doesn’t require expert-level knowledge—it comes down to building smart...

Why Indian Business Still Runs on Spreadsheets and WhatsApp for Treasury

India is home to one of the world's fastest-growing fintech ecosystems, projected to reach...

The New Age of Digital Assets: How Blockchain Is Redefining Financial Inclusion

Innovation is changing the nature of economic participation and making it more inclusive, especially with the development of blockchain technology. Blockchain technology introduces a...

The Efficiency Gap That Will Reshape Finance by 2030

Here is the number that should be keeping every CFO awake right now: 97% of finance teams have adopted AI. Yet 45% of financial leaders are still spending more than 60% of their time on manual tasks. That is not a technology problem. That...

The rise of tier-2 GCCs: How digital infrastructure is redefining India’s technology talent map

For the better part of two decades, India's Global Capability Centre (GCC) story was...

Nexchain AI Maps Its Final Path to Launch as $0.06 Token Presale Window Nears Its Close

Like a building project that moves from design to final inspections, the Nexchain AI...

Nexchain Rebuild Story Puts AI Layer 1 Development Back on the Crypto Presale Radar

Nexchain AI has brought its rebuild story back into focus as its AI Layer...

From IP to Global Leadership: Aum Ventures’ Chetan Mehta on India’s Next Deeptech Breakout Companies

Speaking with TechGraph, Chetan Mehta, Founding Partner at Aum Ventures, outlined why deeptech remains...

How Machine Learning Is Redefining Short-Term Borrowing for Tech-Savvy Consumers

Short-term lending has long relied on limited snapshots of a borrower’s history. That approach...

Why Players Buy LoL Boost and How the Process Works

If you’re researching why players buy lol boost, you’re usually trying to understand two...

India’s Air Crisis Needs a Deeptech Answer, Not a Consumer Gadget

Twenty years ago, an air conditioner in an Indian home was a luxury. Today...

India’s Cloud Cost Crisis: Why Startups Are Rethinking Their Tech Stack

Over the last ten years, startups in India have experienced an incredible boom driven...

Redrob AI Launches Professional AI Platform for India’s Workforce

In a bid to help students and professionals navigate an increasingly fragmented digital work...

Simple Habits That Keep Your Car Running Longer

Keeping your car running longer doesn’t require expert-level knowledge—it comes down to building smart...

“Budget should focus on reducing taxes on capital gains,” Says Abhishek Gupta of Hex N Bit

Speaking in the upcoming Union Budget 2021, Abhishek Gupta, Founder, and CEO, Hex N...

“China is a Global thief” Rep. Tom Rice on Uyghur Forced Labor Prevention Act

Speaking at the House on Uyghur Forced Labor Prevention Act, Rep. Tom Rice (R-SC)...

Nexchain Publishes New Roadmap as $0.06 Token Stage Continues

Nexchain has unveiled its updated development roadmap, providing the community with a clearer view...

Why Startups Are Turning to Virtual CFOs for Smarter Growth

​For a long time, finance leadership in startups followed a predictable path. Founders managed...

Why Indian Business Still Runs on Spreadsheets and WhatsApp for Treasury

India is home to one of the world's fastest-growing fintech ecosystems, projected to reach...

Key differences between a burner phone & prepaid phone

You may have heard both terms mentioned when it comes to protecting your identity....

Alphabet Discloses $2.14 Billion in Public Equity Holdings as of June 30

Alphabet Inc. disclosed $2.14 billion in equity securities held across 39 positions as of...

India to generate $100 bn from telephonic investments

India expects to attract $100 billion in investments in the telecom sector, a union...