Hatman Malware Cyber Threat to ICS Da Vinci

in #malware7 years ago


Hatman is a malware that is just as scary is as the creepy pasta the name is lifted from. This malware affects the ICS saftey systems in a various of chemical/electrical/oil plants around the world and can be used to create accidents. Currently it's being seen in the middle east targeting electric and oil production systems but no body know who's behind it and it could be creeping into other systems using the affect microprocessors new or aftermarket.

https://twitter.com/aG9ydXM/status/987825500285472768

ftqotuxpdqzarvmoanbdaogdquotadmeimdoayqeitqdqftqegzeqfeazbqdeum
ebqmwuzsftqudfazsgqftqkxaawfaftqrgfgdq

the children of jacob procure ichor as war comes where the sun sets on persia
speaking their tongue they look to the future

https://ics-cert.us-cert.gov/sites/default/files/documents/MAR-17-352-01%20HatMan%20-%20Safety%20System%20Targeted%20Malware%20%28Update%20A%29_S508C.PDF
https://ics-cert.us-cert.gov/sites/default/files/file_attach/MAR-17-352-01.yara
https://www.schneider-electric.com/en/work/products/industrial-automation-control/triconex-safety-systems/
https://ics-cert.us-cert.gov/sites/default/files/documents/MAR-17-352-01%20HatMan—Safety%20System%20Targeted%20Malware_S508C.pdf
http://www.ultra-3eti.com/trisis/
https://github.com/ICSrepo/TRISIS-TRITON-HATMAN
https://www.wired.com/story/triton-malware-targets-industrial-safety-systems-in-the-middle-east/
https://www.securityweek.com/dhs-warns-malware-targeting-industrial-safety-systems
https://en.wikipedia.org/wiki/FireEye
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-02
http://www.real-time-answers.com/documents/Slides_2014-Triconex-Technical-Conference-Webinar.pdf
http://tech-wreckblog.blogspot.com/2018/04/malware-watch-we-42018.html
https://chemical-facility-security-news.blogspot.com

Hatman Lore
https://www.ranker.com/list/phantom-hat-man-facts/erin-mccann