A newly identified malware, IOCONTROL, is causing widespread alarm as it targets critical infrastructure in Israel and the United States. Developed by Iranian hackers, IOCONTROL is specifically designed to attack Internet of Things (IoT) devices and operational technology (OT) systems, posing a severe risk to essential services.
This highly sophisticated and adaptive malware can infect a wide range of industrial devices, including routers, programmable logic controllers, human-machine interfaces, IP cameras, firewalls, and systems for managing fuel operations. These devices often serve as the backbone of critical infrastructure, such as fuel supply chains and water treatment facilities.
The malware’s modular design allows it to adapt its behavior based on the targeted manufacturer. Security researchers from Claroty’s Team82 uncovered IOCONTROL and classified it as a nation-state cyberweapon capable of causing large-scale disruptions. Among the manufacturers affected are D-Link, Hikvision, Unitronics, and Phoenix Contact.
How Does IOCONTROL Work?
IOCONTROL boasts several advanced features that make it exceptionally dangerous:
- Persistence: Once installed, the malware ensures it remains active even after device reboots by utilizing a script that reactivates it during boot-up.
- Communication: It uses the MQTT protocol over port 8883 to connect with
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.This article has been indexed from CySecurity News – Latest Information Security and Hacking IncidentsRead the original article: