New Stuxnet-like Malware Discovered in the Wild


Powerful Irongate attack targets industrial equipment systems

Researchers at the security firm FireEye have found mysterious malware, named Irongate, that’s designed to target industrial processes, specifically, ICS/SCADA equipment manufactured by Siemens.

Irongate masks its malicious activities by replacing a Dynamic Link Library (DLL) with a malicious DLL. The DLL works as a broker between a programmable logic controller (PLC) and the monitoring software. It records five seconds of normal traffic and then replays it -- the way Keanu Reeves loops tape in the movie Speed . This strategy allows attackers to hide from process operators.

The malware has the same attack traits that were seen in the infamous Stuxnet, which was allegedly created by Israel and the US to sabotage Iran’s nuclear program.

FireEye said in a blog post, “Our analysis finds that IRONGATE invokes ICS attack concepts first seen in Stuxnet, but in a simulation environment. Because the body of industrial control systems (ICS) and supervisory control and data acquisition (SCADA) malware is limited, we are sharing details with the broader community.”

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs

Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>


		<div class=