BTC $85963.4279
ETH $2004.7170
XRP $2.4361
BNB $623.5534
SOL $132.6231
ADA $0.7099
DOGE $0.1724
TRX $0.2299
stETH $1999.5512
WBTC $85905.6580
LINK $14.4480
TON $3.6794
LEO $9.7668
USDS $0.9981
XLM $0.2829
AVAX $19.8178
CRO $0.0807
HBAR $0.1858
SUI $2.2864
DOT $4.4962
LTC $91.4421
OM $6.4362
BCH $325.0016
PI $0.9431
BGB $4.9251
WETH $2035.8593
HYPE $16.2711
USDE $0.9992
XMR $215.4879
UNI $6.6741
DAI $1.0001
APT $5.7149
NEAR $2.7734
WBT $29.1040
PEPE $0.0000
OKB $50.5006
GT $23.2286
ICP $5.8352
AAVE $184.8248
TKX $34.3904
ETC $17.7929
ONDO $0.8446
MNT $0.7908
TRUMP $11.4958
TAO $256.8205
VET $0.0251
KAS $0.0801
BTC $85963.4279
ETH $2004.7170
XRP $2.4361
BNB $623.5534
SOL $132.6231
ADA $0.7099
DOGE $0.1724
TRX $0.2299
stETH $1999.5512
WBTC $85905.6580
LINK $14.4480
TON $3.6794
LEO $9.7668
USDS $0.9981
XLM $0.2829
AVAX $19.8178
CRO $0.0807
HBAR $0.1858
SUI $2.2864
DOT $4.4962
LTC $91.4421
OM $6.4362
BCH $325.0016
PI $0.9431
BGB $4.9251
WETH $2035.8593
HYPE $16.2711
USDE $0.9992
XMR $215.4879
UNI $6.6741
DAI $1.0001
APT $5.7149
NEAR $2.7734
WBT $29.1040
PEPE $0.0000
OKB $50.5006
GT $23.2286
ICP $5.8352
AAVE $184.8248
TKX $34.3904
ETC $17.7929
ONDO $0.8446
MNT $0.7908
TRUMP $11.4958
TAO $256.8205
VET $0.0251
KAS $0.0801
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New 'FrostyGoop' malware for ICS systems detected, targets critical infrastructure

    In early January 2024, a devastating cyberattack on a local energy company took place in the Ukrainian city of Lviv. Cybersecurity researchers have discovered a ninth malware targeting industrial control systems (ICS). The new malware, dubbed FrostyGoop, is the first to use Modbus TCP communication to sabotage operational technology (OT) networks.

    Dragos, an industrial cybersecurity company, discovered FrostyGoop in April 2024. According to their data, this malware, written in the Golang language, is able to communicate with industrial control systems via port 502 using the Modbus TCP protocol.

    FrostyGoop has a wide range of capabilities, including reading and writing data to ICS devices, processing Modbus commands, and logging. The main target of this malware was ENCO controllers that have TCP port 502 open to the Internet.

    The incident led to the loss of heating services in more than 600 apartment buildings for almost two days. According to the researchers, the attackers sent Modbus commands to the ENCO controllers, which caused inaccurate measurements and system malfunctions. Initial access was likely gained by exploiting a vulnerability in Mikrotik routers in April 2023.

    Although FrostyGoop makes extensive use of the Modbus protocol, it is not the only example of such malware. In 2022, Dragos and Mandiant described another ICS malware called PIPEDREAM, which also used various industrial networking protocols.

    The ability of malware to read or modify data on ICS devices using Modbus poses a serious threat to industrial operations and public safety. Dragos notes that more than 46,000 ICS devices available on the Internet communicate using this protocol.

    The researchers emphasize the importance of implementing comprehensive cybersecurity systems to protect critical infrastructure from similar threats in the future.

    Global scam by Stargazer Goblin: 3,000 fake GitHub accounts spreading malware
    Top 10 Emerging Cybercrime Methods in 2024

    Comments 0

    Add comment