US Industrial Safety Systems Targeted by Xenotime Hacking Group
Target: Industries using Triconex safety instrumented systems.
Attack Vector: Multi-stage download.
Summary: Industrial safety systems in the US, used in the oil and electricity industries, have been the victims of a malware attack from a hacker group dubbed Xenotime. The malware is a new variant of the group’s tailor-made Trisis malware that was used successfully in attacks against critical infrastructure in the Middle East.
Risk assessment summary: This threat is assessed at 3c MODERATE. Although the malware was not successfully executed, it is believed that people are still being targeted. The group are still active, and as they are targeting critical infrastructure and safety systems, the result can only be serious damage or loss of life. The risk is further raised as the group are seen to be highly sophisticated and possibly state-sponsored, although there is no proof of this yet.