Hackers shut down heating in Ukrainian city with malware, researchers say
Hackers used FrostyGoop malware to disrupt Lviv's energy company, causing a two-day heating outage in 600+ buildings. Dragos identified the attack, emphasizing the global threat of cyberattacks on critical infrastructure.
Hackers targeted a municipal energy company in Lviv, Ukraine, with malware named FrostyGoop, causing a two-day central heating outage affecting over 600 apartment buildings in January 2024. The cybersecurity company Dragos identified the malware, which is designed to disrupt industrial control systems, specifically heating system controllers. The attack exploited vulnerabilities in internet-exposed devices, including an ENCO controller, leading to inaccurate measurements and heating loss. Despite the presence of Russian IP addresses, Dragos did not attribute the attack to a specific group or government. This incident highlights the increasing threat of cyberattacks on critical infrastructure globally. Dragos emphasized the malware's potential to target other facilities using the Modbus protocol. The attack, aimed at undermining morale, was seen as a psychological effort rather than a physical one. Dragos cautioned against overhyping the impact of FrostyGoop, emphasizing the need for vigilance in protecting against such cyber threats. Ukrainian authorities swiftly neutralized the attack, restoring services to affected households.
Related
How Ukraine built a volunteer hacker army from scratch
Ukraine formed a volunteer hacker army, the IT Army, to counter the Russian invasion in 2022. With 300,000 members, they conducted 2,000 cyber attacks, targeting Russian infrastructure and evolving tactics to combat improved defenses.
Microsoft Alerts More Customers to Email Theft in Expanding
Microsoft alerts more customers about email theft post-Midnight Blizzard hack by Russian government. Stolen emails accessed, shared with affected organizations for transparency. Ongoing attack used for planning further attacks. Assistance provided to mitigate risks.
Europol nukes nearly 600 IP addresses in Cobalt Strike crackdown
Europol's Operation Morpheus targeted 600 IP addresses hosting illegal Cobalt Strike copies, collaborating with global partners to disrupt cybercriminal activities. Concerns persist despite efforts to prevent misuse.
CrowdStrike IT outage affected 8.5M Windows devices, Microsoft says
Microsoft reports a major global IT outage due to a faulty CrowdStrike update affecting 8.5 million Windows devices. Cybersecurity measures are stressed to prevent further disruptions and hacking attempts.
How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter
Russia-linked malware FrostyGoop disrupted Lviv heating utility, affecting 600 buildings for 48 hours in January. The attack manipulated temperature readings via Modbus protocol, showcasing evolving tactics in Russia's campaign against Ukraine.