Headset0161 513 0960

Jack O'Sullivan

March 22 2021

Recently the world was introduced to ‘Industroyer‘, a malware variant with a focus on compromising industrial control systems (ICS). Members of the security community are speculating if this malware sample was responsible for the power outage in Kiev during 2016. What is known is that this malware targets ICS with efficiency. With nation state attacks ever dominating the news, we take a keen interest in emerging threats.

Working in offensive security, we are approached and asked about such threats from customers, whether that is to help simulate a threat actor during a red-team engagement, or simply to provide advice on preventative measures. With this in mind, we wanted to explore Industroyer and understand just how it operated when controlled.

We have determined the Command & Control (C & C) protocol used to issue commands to infected hosts and return results. Additionally, we have developed ‘Indushell‘ which implements that protocol enabling the community to now interact with Industroyer.

The following video shows exactly how to use Indushell:

Today we release:

  1. The source code to Indushell available on GitHub here.

Latest

Looking for vulnerabilities in systems

Ethical Hacking: Unveiling the Positive Side of Penetration Testing

Penetration testing, white-hat hacking, and ethical hacking are terms used to describe the practice ...

cybersecurity news infosec tech updates

Cybersecurity in Retail: Protecting Customer Data and Transactions

Cybersecurity in retail is critical for the industry, which handles vast amounts of sensitive custom...

Emerging Ransomware Threats: Evolution and Prevention

In today’s business world, the ever-increasing emerging ransomware threats pose a significant conc...