Amid escalating threats to global critical infrastructure, last night Dragos announced the discovery of new malware specifically developed to disrupt industrial processes: PIPEDREAM.
This is the seventh ever publicly known ICS-specific malware, following INDUSTROYER2, STUXNET, HAVEX, BLACKENERGY2, CRASHOVERRIDE, and TRISIS.
Since early 2022, Dragos has been analyzing the PIPEDREAM malware. PIPEDREAM was developed by a new threat group that Dragos identifies as CHERNOVITE. Dragos assesses with high confidence that this threat group created PIPEDREAM for use in disruptive or destructive operations against Industrial Control Systems (ICS).
Media Resources:
Last night’s advisory by the US Cybersecurity and Infrastructure Security Agency (CISA): https://www.cisa.gov/uscert/ncas/current-activity/2022/04/13/apt-actors-target-icsscada-devices
Dragos blog: https://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems
Dragos white paper: https://hub.dragos.com/whitepaper/chernovite-pipedream
Dragos page on the newly named CHERNOVITE Activity Group: https://www.dragos.com/threat/chernovite/
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.