Evidence Suggests Russia Behind Malware Used In Infrastructure Attack

By Chemical Processing Staff

Nov 02, 2018

Researchers from U.S. security firm FireEye now believe that Russia is most likely behind a malware attack at a critical infrastructure facility in the Middle East, according to an article from Ars Technica. FireEye researchers reportedly assess “with high confidence” that a Russian government-backed research institute – the Central Scientific Research Institute of Chemistry and Mechanics in Moscow – helped develop the software that caused a major operational failure at the facility.

According to the article, the malware, alternately labeled Triton and Trisis, worked by tampering with the facility’s safety-instrumented system. According to FireEye’s report, a variety of evidence reportedly implicates the Russian institute, including “malware that was tested inside the institute, artifacts left inside the malware used in the attack, an IP address belonging to the institute and the malware developer’s operating hours.”

Read the entire article here.
