June 2, 2016 10:00 pm
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/kh5Uo5HeLdw/theres-a-stuxnet-copycat-and-we-have-no-idea-where-it-came-from
There's a Stuxnet Copycat, and We Have No Idea Where It Came From
Joseph Cox, reporting for Motherboard: After details emerged of Stuxnet, arguably the world's first digital weapon, there were concerns that other hackers would copy its techniques. Now, researchers have disclosed a piece of industrial control systems (ICS) malware inspired heavily by Stuxnet. Although the copycat malware -- dubbed IRONGATE by cybersecurity company FireEye -- only works in a simulated environment it, like Stuxnet, replaces certain types of files, and was seemingly written to target a specific control system configuration. [...] IRONGATE works within a simulated Siemens environment called PLCSIM, used for testing programs before they are pushed out into the field. Like Stuxnet, IRONGATE replaces a Dynamic Link Library (DLL), a small collection of code that can be used by different programs at the same time, with a malicious one of its own. IRONGATE's DLL records five seconds of traffic from the Siemens' system to the user interface, and replays it over again, potentially tricking whoever is monitoring the system into thinking everything is fine, while the malware might manipulate something else in the background.Dark Reading's coverage on this is also worth a read.Read more of this story at Slashdot.
Original Link: http://rss.slashdot.org/~r/Slashdot/slashdot/~3/kh5Uo5HeLdw/theres-a-stuxnet-copycat-and-we-have-no-idea-where-it-came-from
Share this article:
Tweet
View Full Article
Slashdot
Slashdot was originally created in September of 1997 by Rob "CmdrTaco" Malda. Today it is owned by Geeknet, Inc..More About this Source Visit Slashdot