Ukshep

'Industroyer' Malware Discovered That Can Take Down Power Grids


Slovakia-based security software maker ESET and US critical infrastructure security firm Dragos Inc. say they have discovered a new dangerous piece of malware in the wild that targets critical industrial control systems and is capable of causing blackouts.

Dubbed "Industroyer" or "CrashOverRide," the grid-sabotaging malware was likely used in the December 2016 cyber attack against Ukrainian electric utility Ukrenergo, which the security firms say represents a dangerous advancement in critical infrastructure hacking.

Unlike the Stuxnet worm, the CrashOverRide malware does not exploit any "zero-day" software vulnerabilities to do its malicious activities; instead, it relies on four industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure systems.

The CrashOverRide malware can control electricity substation switches and circuit breakers, designed decades ago, allowing an attacker to simply turn off power distribution, triggering cascading failures and causing more severe damage to equipment.

Industroyer malware is a backdoor that first installs four payload components to take control of switches and circuit breakers; and then connects to a remote command-and-control server to receive commands from the attackers.

"The malware contains a few more features that are designed to enable it to remain under the radar, to ensure the malware's persistence, and to wipe all traces of itself after it has done its job."

http://thehackernews.com/2017/06/electric-power-grid-malware.html

This is most definitely not good! Also @ESET da hell. You are famous now? hehe

2 hours ago, Ukshep said:

Slovakia-based security software maker ESET and US critical infrastructure security firm Dragos Inc. say they have discovered a new dangerous piece of malware in the wild that targets critical industrial control systems and is capable of causing blackouts.

Dubbed "Industroyer" or "CrashOverRide," the grid-sabotaging malware was likely used in the December 2016 cyber attack against Ukrainian electric utility Ukrenergo, which the security firms say represents a dangerous advancement in critical infrastructure hacking.

Unlike the Stuxnet worm, the CrashOverRide malware does not exploit any "zero-day" software vulnerabilities to do its malicious activities; instead, it relies on four industrial communication protocols used worldwide in power supply infrastructure, transportation control systems, and other critical infrastructure systems.

The CrashOverRide malware can control electricity substation switches and circuit breakers, designed decades ago, allowing an attacker to simply turn off power distribution, triggering cascading failures and causing more severe damage to equipment.

Industroyer malware is a backdoor that first installs four payload components to take control of switches and circuit breakers; and then connects to a remote command-and-control server to receive commands from the attackers.

"The malware contains a few more features that are designed to enable it to remain under the radar, to ensure the malware's persistence, and to wipe all traces of itself after it has done its job."

http://thehackernews.com/2017/06/electric-power-grid-malware.html

This is most definitely not good! Also @ESET da hell. You are famous now? hehe

He he, my nickname here is actually after this product. I'm trying to be Anti-Virus for MSM, NWO, Secret societies... etc.

 

Edited by ESET
  • Like 1

5 minutes ago, ESET said:

He he, my nickname here is actually after this product. I'm trying to be Anti-Virus for MSM, NWO, Secret societies... etc.

 

Thought that might be why :D 


And just think, all they may need to get started is this. Make sure you watch the video and pay careful attention to what is being said.

http://money.cnn.com/2013/04/08/technology/security/shodan/index.html

Here is the tool to do it... Maybe:

https://www.shodan.io/

When you go to the above search engine link, watch for the words 'The search engine for' and the words that flash afterward. Watch for the words 'Power Plants.'

Also, see:

See the Big Picture

Websites are just one part of the Internet. There are power plants, Smart TVs, refrigerators and much more that can be found with Shodan!

Quote from 1st link: Shodan searchers have found control systems for a water park, a gas station, a hotel wine cooler and a crematorium. Cybersecurity researchers have even located command and control systems for nuclear power plants and a particle-accelerating cyclotron by using Shodan.

Maybe I shouldn't have posted this! @Ukshep

Edited by Cryptic Mole


You guys remember a year or two ago about the leak that US nuke missile codes were on a floppy disk? Everyone in the MSM was up in arms about it and all I could think was that you can't hack a floppy. :D

12 minutes ago, Quick1966 said:

You guys remember a year or two ago about the leak that US nuke missile codes were on a floppy disk? Everyone in the MSM was up in arms about it and all I could think was that you can't hack a floppy. :D

Sometimes older tech is safer. You can hack almost anything new!
