In the attack, the hackers also hacked the energy provider's network, especially if those strains were designed to target Linux and Solaris-based systems. Industroyer2 was also deployed, presumably to cover its tracks, ESET added.

The hijacker hijacked the energy provider's Group Policy Object, a Microsoft-created component that can configure an IT network accountable.
We believe that CFDC aims to slow down the recovery process and discourage operators from regaining control of the ICS consoles. CaddyWiper is malware that can erase information on the computer and keep the computer from booting up again. The malware sample identified in the energy provider network was written on March 23, which indicates that the hackers planned the attack two weeks earlier.

ESET also discovered a few other infections in the energy provider network.
However, Ukrainian authorities say that the energy provider suffered an initial compromise no later than February, the same month that Russia invaded Ukraine. It doesn’t seem to be able to distinguish between the new strain Industroyer2 and the new strain. We believe the new variant was built using the same source code, ESET said. Evidence shows that the malware shares similarities with the original Industroyer malware, which managed to disrupt the energy grid in 2016. If it is not to a power supply, the supply is to shut down.

ESET is attributing the malware to the Russian state-sponsored hacking group Sandworm, which the US government suspects works for the GRU. It was designed to communicate with industrial equipment, including electrical substations, which convert the high voltage electric power to power homes and businesses.

ESET is still looking at how Industroyer2 works, but found out the program was done on April 8 at 6pm. The malware, called Industroyer2, was found on a computer at the energy provider. On Tuesday, the computer-aware company ESET announced that it worked with the Ukrainian government to protect against the malware attack on an unknown energy provider in the country.
The Russian government might have tried to stop Ukraine’s energy grid with a Windows malware strain that might be able to control industrial systems.