Hackers distribute a password cracking tool for PLCs and HMIs to target industrial systems - Tech Tribune France

2022-07-23 08:22:43 By : Mr. Michael Fan

Industrial engineers and operators are the target of a new campaign that uses password cracking software to take control of programmable logic controllers (PLCs) and conscript the machines into a botnet.

The software "exploited a vulnerability in the firmware which allowed it to retrieve the password on command," said Sam Hanson, security researcher at Dragos. "Furthermore, the software was a malware dropper, infecting the machine with the malware and turning the host into a peer in the Sality peer-to-peer botnet."

The industrial cybersecurity company said the password retrieval exploit embedded in the malware dropper is designed to recover the credentials associated with Automation Direct DirectLOGIC 06 PLCs. The flaw, tracked as CVE-2022-2003 (CVSS score: 7.7), has been described as a case of cleartext transmission of sensitive data that can lead to information disclosure and unauthorized modifications. The issue was addressed in firmware version 2.72, released last month.

Infections culminate in the deployment of the Sality malware to carry out tasks such as cryptocurrency mining and distributed password cracking, while taking steps to evade detection by terminating security software running on compromised workstations. In addition, the artifact uncovered by Dragos drops a clipper payload that steals cryptocurrency during a transaction by replacing the original wallet address saved in the clipboard with the attacker's wallet address.

Automation Direct is not the only affected vendor: the tool claims to cover several PLCs, human-machine interfaces (HMIs) and project files from Omron, Siemens, ABB Codesys, Delta Automation, Fuji Electric, Mitsubishi Electric, Pro-face by Schneider Electric, Vigor PLC, Weintek, Allen-Bradley by Rockwell Automation, Panasonic, Fatek, IDEC Corporation and LG.

It is far from the first time that trojanized software has been aimed at operational technology (OT) networks. In October 2021, Mandiant disclosed how legitimate portable executable binaries were compromised by a variety of malware such as Sality, Virut and Ramnit, among others.
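The clipper behaviour described above (swap a wallet address sitting in the clipboard for the attacker's) is easy to model, and modelling it shows the one check that defeats it: compare what was copied with what is about to be pasted. The following is an added illustration written for this article, not code from Dragos or from the malware sample; the address patterns are simplified, the wallet strings are constructed placeholders, and the "clipboard" is just a Python string so the example runs offline.

```python
import re

# Constructed placeholder addresses standing in for attacker-controlled wallets.
# They are not real wallets; they only need to match the patterns below.
ATTACKER_WALLETS = {
    "btc": "bc1qattackerwallet" + "0" * 24,  # bech32-looking string
    "eth": "0xdead" + "0" * 36,              # 0x + 40 hex characters
}

# Simplified address shapes a clipper would key on (assumption: real clippers
# carry many more patterns). Bitcoin legacy/P2SH (base58) or bech32 (bc1...),
# and Ethereum (0x + 40 hex digits).
ADDRESS_PATTERNS = {
    "btc": re.compile(r"\b(?:bc1[ac-hj-np-z02-9]{25,62}|[13][a-km-zA-HJ-NP-Z1-9]{25,34})\b"),
    "eth": re.compile(r"\b0x[0-9a-fA-F]{40}\b"),
}


def hijack_clipboard(text: str, wallets: dict = ATTACKER_WALLETS) -> str:
    """Simulate the clipper: every recognised wallet address in the clipboard
    text is replaced with the attacker's address of the same coin type.
    Text without an address passes through untouched, so the swap is silent."""
    for coin, pattern in ADDRESS_PATTERNS.items():
        text = pattern.sub(wallets[coin], text)
    return text


def find_addresses(text: str) -> dict:
    """Return the addresses found in text, grouped by coin type."""
    return {coin: pattern.findall(text) for coin, pattern in ADDRESS_PATTERNS.items()}


def detect_swap(copied: str, pasted: str) -> list:
    """Defensive check: compare the addresses present when the user copied
    against those present at paste time. Any pairwise mismatch means the
    clipboard was tampered with in between. Returns (before, after) pairs."""
    swapped = []
    for coin in ADDRESS_PATTERNS:
        before = find_addresses(copied)[coin]
        after = find_addresses(pasted)[coin]
        for b, a in zip(before, after):
            if b != a:
                swapped.append((b, a))
    return swapped


if __name__ == "__main__":
    # Constructed sample: what the operator copied from an invoice.
    copied = "Send 0.5 BTC to bc1qrealwallet" + "0" * 27 + " by noon"
    pasted = hijack_clipboard(copied)       # what lands in the wallet app
    print("copied:", copied)
    print("pasted:", pasted)
    print("swapped:", detect_swap(copied, pasted))
```

The point of `detect_swap` is that the user-visible text around the address is unchanged, so only an explicit before/after comparison of the address itself (or reading the pasted address back against the invoice) catches the substitution.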