OT/ICS Threat Awareness – IOCONTROL and Androxgh0st Malware Target Critical Infrastructure

Created: Thursday, December 12, 2024 - 12:44
Categories: Cybersecurity, OT-ICS Security, Security Preparedness

Researchers from Claroty’s Team82 have provided information about the custom-built IoT/OT malware called IOCONTROL, which has been used by Iran-affiliated threat actors to attack Israel- and U.S.-based OT/IoT devices. The same group, known as the CyberAv3ngers, was also believed to be responsible for the Unitronics attack last fall on water treatment facilities in the U.S. and Israel. Team82’s report includes an in-depth look at the malware’s capabilities and unique communication channels.

Additionally, cybersecurity firm Check Point recently released its Global Threat Index for November 2024, which highlights the rapid rise of Androxgh0st malware and its integration with the Mozi botnet – a botnet that commonly exploits vulnerabilities in consumer-grade IoT devices such as routers, security cameras, and other network devices. The combination poses a significant threat to critical infrastructure globally.

WaterISAC is sharing these threats for member awareness of current malware and threat actor capabilities that pose a significant threat to the water sector. Members are encouraged to familiarize themselves with the threats and to review the top exploited vulnerabilities related to Androxgh0st malware shared by Check Point, and the indicators of compromise (IOCs) shared by Team82. For more information, visit Claroty and Check Point.

Additional Resource: