  • New 'FrostyGoop' malware for ICS systems detected, targets critical infrastructure

    In early January 2024, a devastating cyberattack hit a local energy company in the Ukrainian city of Lviv. Cybersecurity researchers have discovered a ninth malware strain targeting industrial control systems (ICS). The new malware, dubbed FrostyGoop, is the first to use Modbus TCP communication to sabotage operational technology (OT) networks.

    Dragos, an industrial cybersecurity company, discovered FrostyGoop in April 2024. According to Dragos, the malware is written in Go (Golang) and can communicate with industrial control systems over port 502 using the Modbus TCP protocol.

    FrostyGoop has a wide range of capabilities, including reading and writing data to ICS devices, processing Modbus commands, and logging. The main target of this malware was ENCO controllers that have TCP port 502 open to the Internet.

    The incident led to the loss of heating services in more than 600 apartment buildings for almost two days. According to the researchers, the attackers sent Modbus commands to the ENCO controllers, which caused inaccurate measurements and system malfunctions. Initial access was likely gained by exploiting a vulnerability in MikroTik routers in April 2023.

    Although FrostyGoop makes extensive use of the Modbus protocol, it is not the only example of such malware. In 2022, Dragos and Mandiant described another ICS malware called PIPEDREAM, which also used various industrial networking protocols.

    The ability of malware to read or modify data on ICS devices using Modbus poses a serious threat to industrial operations and public safety. Dragos notes that more than 46,000 ICS devices available on the Internet communicate using this protocol.

    The researchers emphasize the importance of implementing comprehensive cybersecurity systems to protect critical infrastructure from similar threats in the future.
