The Kudankulam Nuclear Power Plant incident involved malware on KKNPP's administrative network in India, with DTrack/Preft samples configured for information theft using victim-specific internal paths, credentials, compression of collected data, and attempted copying to an internal controller host. Multiple analyses linked the tooling and code overlaps to Lazarus-associated DTrack activity while noting the intrusion appeared aimed at reconnaissance and data collection rather than destructive impact on core industrial systems.