home.social
Sign in Create account

#frostygoop — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #frostygoop, aggregated by home.social.

  1. Pyrzout :vm: @[email protected] ·

    Russia-Linked FrostyGoop Malware Threatens Industrial Control Systems Worldwide thecyberexpress.com/russian-fr #IndustrialControlSystems #criticalinfrastructure #TheCyberExpressNews #ThreatIntelligence #CybersecurityNews #TheCyberExpress #FirewallDaily #FrostyGoop #malware #Modbus

    #industrialcontrolsystems #criticalinfrastructure #thecyberexpressnews #threatintelligence #cybersecuritynews #thecyberexpress
  2. 🛡 [email protected]/:~# :blinking_cursor:​ @[email protected] ·

    New ICS Malware 'FrostyGoop' Targeting Critical Infrastructure

    Date: July 23, 2024

    CVE: N/A

    Vulnerability Type: Exploitation of Modbus TCP communication

    CWE: [[CWE-668]], [[CWE-20]], [[CWE-74]]

    Sources: The Hacker News, Yahoo News, Dragos

    Synopsis

    FrostyGoop is a newly identified malware designed to target Industrial Control Systems (ICS) by exploiting Modbus TCP communication protocols. This malware caused significant disruption to critical infrastructure in Lviv, Ukraine, earlier this year.

    Issue Summary

    In January 2024, FrostyGoop malware targeted an energy company in Lviv, resulting in a 48-hour loss of heating services to over 600 apartment buildings. This malware interacts directly with ICS devices using Modbus TCP over port 502, making it a serious threat to critical infrastructure.

    Technical Key Findings

    FrostyGoop, written in Golang, can read and write to ICS device registers and uses JSON-formatted configuration files to target specific IP addresses and Modbus commands. Initial access was likely gained through a vulnerability in Mikrotik routers.

    Vulnerable Products

    ENCO controllers with TCP port 502 exposed and ICS devices using Modbus TCP are particularly vulnerable to this malware.

    Impact Assessment

    The malware's ability to manipulate ICS devices can lead to significant operational disruptions, inaccurate system measurements, and potential safety hazards, affecting public safety and industrial operations.

    Patches or Workarounds

    Currently, there are no specific patches available for FrostyGoop.

    #FrostyGoop #ICS #ModbusTCP #CriticalInfrastructure #CyberAttack #EnergySector #Ukraine #Dragos #IndustrialControlSystems #Golang #MikrotikVulnerability

    #frostygoop #ics #modbustcp #criticalinfrastructure #cyberattack #energysector
  3. Pyrzout :vm: @[email protected] ·

    FrostyGoop ICS Malware Left Ukrainian City’s Residents Without Heating securityweek.com/frostygoop-ic #FrostyGoop #ICSmalware #Featured #Ukraine #ICS/OT #Russia

    #frostygoop #icsmalware #featured #ukraine #ics #russia