Tags: Cyber Security | Russia | hackers | triton | malware | infrastructure | security

Report: Russian Hackers' Triton Malware Targets 2nd Facility

a man stands with a fireeye logo reflected on his face
(Kamran Jebreili/AP)

By    |   Thursday, 11 April 2019 09:53 PM

The hacker group behind the Russia-linked Triton malware has burrowed its way into another unnamed "critical infrastructure" facility, this time in the Middle East, according to intelligence analysts at cybersecurity firm FireEye, TechCrunch reports.

The first attack shut down Saudi oil giant Petro Rabigh in 2017.

In both instances, hackers targeted Triconex safety industrial control systems to control operations of the facility and access safety systems that protect industrial facilities from potentially lethal physical accidents.

On the second attack, hackers waited close to a year after planting the malware before gaining access to an engineering workstation, per FireEye research released at the Security Analyst Summit 2019 this week.

"[Often] malware like Triton is deployed, and the adversaries . . . wait for the right time to use it," according to the analysis. "During this time, the attacker must ensure continued access to the target environment."

FireEye has not revealed whether the attack caused any damage.

"The Triton intrusion is shrouded in mystery," according to the report. "There has been some public discussion surrounding the Triton framework and its impact at the target site, yet little to no information has been shared on the tactics, techniques and procedures (TTPs) related to the intrusion lifecycle, or how the attack made it deep enough to impact the industrial processes."

© 2019 Newsmax. All rights reserved.

   
1Like our page
2Share
Newsfront
According to intelligence analysts at cybersecurity firm FireEye, the hacker group behind the Russia-linked Triton malware has burrowed its way into another unnamed "critical infrastructure" facility, this time in the Middle East, TechCrunch reported.
hackers, triton, malware, infrastructure, security, hacking
216
2019-53-11
Thursday, 11 April 2019 09:53 PM
Newsmax Media, Inc.
 

Newsmax, Moneynews, Newsmax Health, and Independent. American. are registered trademarks of Newsmax Media, Inc. Newsmax TV, and Newsmax World are trademarks of Newsmax Media, Inc.

NEWSMAX.COM
America's News Page
© Newsmax Media, Inc.
All Rights Reserved