Security experts warn hackers behind ‘murderous malware’ dubbed Triton are BACK and targeting ‘critical infrastructure’

Hackers behind a murderous malware attack in 2017 are back say experts
The target was a ‘critical infrastructure facility’ similar to the last attack
In 2017 an oil refinery in Saudi Arabia was compromised to almost deadly results
Other victims of the hackers’ malware are likely yet to be discovered

By JAMES PERO
DAILYMAIL.COM
11 April 2019

The hackers behind ‘the most murderous malware’ in the world are back and have infected a key infrastructure facility, security analysts say.

Researchers at the firm FireEye say traces of a dangerous malware called Triton have cropped up for the second time since since 2017, when hackers leveraged it to gain control of critical processes at an oil plant in Saudi Arabia.

In a report, the firm did not reveal exactly where the attack happened, who the target was, or even how much damage, if any, was done, thought it did highlight some of the group’s apparent intentions.

‘The actor gained a foothold on the distributed control system (DCS) but did not leverage that access to learn about plant operations, exfiltrate sensitive information, tamper with the DCS controllers, or manipulate the process,’ reads the report.

It follows a report from MIT Technology Review earlier this year that warned the malware is ‘murderous’ and spreading.

According to Motherboard, withholding the disclosure of victims and details of attacks is a fairly common practice among firms who may be obligated by contract not to do so.

‘Critical infrastructure facility’ often refers to large scale operational facilities like nuclear power plants, water treatment centers, or power grids, the report states.

By masking their activity through innocuous file names, posing as legitimate administrative tools, and more, researchers say the group was able to stay undetected within the facility’s systems for a year before compromising it’s Safety Instrumented System (SIS).

SIS is a critical safety tool uses to monitor processes within various plants and other infrastructure facilities.

The Rest…HERE

This entry was posted on Friday, April 12th, 2019 at 11:21 am and is filed under Technology, Terror. You can follow any responses to this entry through the RSS 2.0 feed.