BTC $84383.5638
ETH $1583.2380
XRP $2.0624
BNB $593.7649
SOL $132.9631
ADA $0.6162
TRX $0.2430
DOGE $0.1564
stETH $1581.4732
WBTC $84388.4151
USDS $1.0011
LEO $9.0797
LINK $12.5146
AVAX $18.9073
TON $2.9953
XLM $0.2416
HBAR $0.1642
SUI $2.1083
BCH $341.6773
DOT $3.6882
LTC $75.7586
HYPE $16.4600
BGB $4.4172
USDE $0.9989
WETH $1585.4937
XMR $216.6159
PI $0.6204
WBT $27.9706
DAI $0.9995
OKB $50.4342
PEPE $0.0000
UNI $5.1561
APT $4.7155
GT $22.2905
ONDO $0.8248
NEAR $2.0559
CRO $0.0835
ETC $15.4938
ICP $4.7802
TAO $260.4178
MNT $0.6644
AAVE $137.9355
RENDER $3.9188
KAS $0.0763
VET $0.0230
POL $0.1876
ATOM $4.1486
BTC $84383.5638
ETH $1583.2380
XRP $2.0624
BNB $593.7649
SOL $132.9631
ADA $0.6162
TRX $0.2430
DOGE $0.1564
stETH $1581.4732
WBTC $84388.4151
USDS $1.0011
LEO $9.0797
LINK $12.5146
AVAX $18.9073
TON $2.9953
XLM $0.2416
HBAR $0.1642
SUI $2.1083
BCH $341.6773
DOT $3.6882
LTC $75.7586
HYPE $16.4600
BGB $4.4172
USDE $0.9989
WETH $1585.4937
XMR $216.6159
PI $0.6204
WBT $27.9706
DAI $0.9995
OKB $50.4342
PEPE $0.0000
UNI $5.1561
APT $4.7155
GT $22.2905
ONDO $0.8248
NEAR $2.0559
CRO $0.0835
ETC $15.4938
ICP $4.7802
TAO $260.4178
MNT $0.6644
AAVE $137.9355
RENDER $3.9188
KAS $0.0763
VET $0.0230
POL $0.1876
ATOM $4.1486
  • Catalog
  • Blog
  • Tor Relay
  • Jabber
  • One-Time notes
  • Temp Email
  • What is TOR?
  • We are in tor
  • New 'FrostyGoop' malware for ICS systems detected, targets critical infrastructure

    In early January 2024, a devastating cyberattack on a local energy company took place in the Ukrainian city of Lviv. Cybersecurity researchers have discovered a ninth malware targeting industrial control systems (ICS). The new malware, dubbed FrostyGoop, is the first to use Modbus TCP communication to sabotage operational technology (OT) networks.

    Dragos, an industrial cybersecurity company, discovered FrostyGoop in April 2024. According to their data, this malware, written in the Golang language, is able to communicate with industrial control systems via port 502 using the Modbus TCP protocol.

    FrostyGoop has a wide range of capabilities, including reading and writing data to ICS devices, processing Modbus commands, and logging. The main target of this malware was ENCO controllers that have TCP port 502 open to the Internet.

    The incident led to the loss of heating services in more than 600 apartment buildings for almost two days. According to the researchers, the attackers sent Modbus commands to the ENCO controllers, which caused inaccurate measurements and system malfunctions. Initial access was likely gained by exploiting a vulnerability in Mikrotik routers in April 2023.

    Although FrostyGoop makes extensive use of the Modbus protocol, it is not the only example of such malware. In 2022, Dragos and Mandiant described another ICS malware called PIPEDREAM, which also used various industrial networking protocols.

    The ability of malware to read or modify data on ICS devices using Modbus poses a serious threat to industrial operations and public safety. Dragos notes that more than 46,000 ICS devices available on the Internet communicate using this protocol.

    The researchers emphasize the importance of implementing comprehensive cybersecurity systems to protect critical infrastructure from similar threats in the future.

    Global scam by Stargazer Goblin: 3,000 fake GitHub accounts spreading malware
    Top 10 Emerging Cybercrime Methods in 2024

    Comments 0

    Add comment