• Welcome to OnlyTech Forums
    An online community for the tech enthusiasts!
    Log in or Register

Triton Malware

Bapun Raz

Staff member
Community Manager
Joined
3 Nov 2010
Messages
25,130
Solutions
5
Reaction score
33,510
Triton Malware Details Show the Dangers of Industrial System Sabotage
At the S4 security conference on Thursday, researchers from the industrial control company Schneider Electric, whose equipment Triton targeted, presented deep analysis of the malware—only the third recorded cyberattack against industrial equipment. Hackers were initially able to introduce malware into the plant because of flaws in its security procedures that allowed access to some of its stations, as well as its safety control network.

The Schneider researchers shared two crucial pieces of information about what came next in the intrusion, though: The attack on the Schneider customer in part exploited a previously unknown, or zero day, vulnerability in Schneider's Triconex Tricon safety system firmware. And the hackers deployed a remote access trojan in the second stage of their exploitation, a first for malware that targets industrial control systems.

The researchers say that the malware targets the Triconex firmware vulnerability, manipulates the system to steadily increase its ability to make changes and issue commands, and then deposits the RAT, which awaits further remote instructions from the attackers.
 
Top Bottom
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features of our website. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock