Several websites and multiple social media accounts are touting password-cracking software for PLCs, HMIs and project files, Dragos researchers have found. ![]() Thus, industrial engineers who can’t access PLC programming software or an HMI because they don’t know the right password occasionally turn to the internet to find a tool to help them crack it. Unfortunately, necessity often compels people to make bad decisions. Makes compromised hosts part of a peer-to-peer botnet that engages in password cracking and cryptocurrency miningĭownloading password-cracking software created by an unknown, untrusted third party is rarely (if ever!) a good idea.Abuses Windows’ autorun functionality to spread copies of itself over USBs, network shares, and external storage drives.Identifies security products (AVs, firewalls) and terminates them.Uses process injection and file infection to achieve persistence.The password-cracking software also carries a dropper that infects the machine with Sality malware, which: A threat actor is targeting industrial engineers and operators with trojanized password-cracking software for programmable logic controllers (PLCs) and human-machine interfaces (HMIs), exploiting their pressing needs to turn industrial workstations into dangerous bots.Īccording to Dragos researchers, the adversary seems not to be interested in disrupting industrial processes but making money.
0 Comments
Leave a Reply. |