Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter
Russia-linked malware FrostyGoop disrupted a heating utility in Lviv, Ukraine, affecting 600 buildings for 48 hours. The attack manipulated temperature readings, highlighting evolving cyber warfare tactics against Ukraine.
Russia-linked malware targeted a heating utility in Lviv, Ukraine, cutting off heat and hot water to 600 buildings for 48 hours in January. The attack used a new type of malware named FrostyGoop, allowing hackers to manipulate temperature readings and disrupt the heating system. The malware interacted with industrial control systems via the Modbus protocol, a common but insecure communication method. The hackers gained access to the network in April 2023 through a vulnerable router and set up a VPN connection to Moscow. While the attack has not been officially linked to a specific hacker group, it aligns with Russia's history of targeting Ukrainian critical infrastructure. The incident highlights the evolving tactics in Russia's cyber and physical warfare against Ukraine, aiming to undermine the country's resilience and will to resist. The attack on the heating utility in the midst of winter represents a shift towards hacking-based sabotage as a response to Ukrainian defenses against traditional military attacks.
Related
How Ukraine built a volunteer hacker army from scratch
Ukraine formed a volunteer hacker army, the IT Army, to counter the Russian invasion in 2022. With 300,000 members, they conducted 2,000 cyber attacks, targeting Russian infrastructure and evolving tactics to combat improved defenses.
Nuclear reactor malfunction leaves Russians without power
Millions of Russians lost power in the south due to a malfunction at Rostov nuclear plant. Investigations ongoing. Previous outages linked to Ukrainian attacks. Ukraine also facing power issues.
Hackers shut down heating in Ukrainian city with malware, researchers say
Hackers used FrostyGoop malware to disrupt Lviv's energy company, causing a two-day heating outage in 600+ buildings. Dragos identified the attack, emphasizing the global threat of cyberattacks on critical infrastructure.
How Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter
Russia-linked malware FrostyGoop disrupted a Lviv heating utility, affecting 600 buildings for 48 hours in January. The attack manipulated temperature readings via the Modbus protocol, showcasing evolving tactics in Russia's campaign against Ukraine.
FrostyGoop malware uses Modbus, threatens ICS systems worldwide
A new malware strain, "FrostyGoop," targets operational technology systems globally via Modbus TCP communications. An attack on a Ukrainian energy company caused a two-day heating outage, highlighting the need for enhanced network monitoring and security measures to protect critical infrastructure.