S1072Field Controller/RTU/PLC/IEDEngineering Workstation

S1072Industroyer2

Platforms
2
ATT&CK
14.1
References
2

Description

[Industroyer2](https://attack.mitre.org/software/S1072) is a compiled and static piece of malware that has the ability to communicate over the IEC-104 protocol. It is similar to the IEC-104 module found in [Industroyer](https://attack.mitre.org/software/S0604). Security researchers assess that [Industroyer2](https://attack.mitre.org/software/S1072) was designed to cause impact to high-voltage electrical substations. The initial [Industroyer2](https://attack.mitre.org/software/S1072) sample was compiled on 03/23/2022 and scheduled to execute on 04/08/2022, however it was discovered before deploying, resulting in no impact.(Citation: Industroyer2 Blackhat ESET)

Platforms· 2

Field Controller/RTU/PLC/IEDEngineering Workstation

References

  1. https://attack.mitre.org/software/S1072
  2. https://www.youtube.com/watch?v=xC9iM5wVedQ

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software
Industroyer
Software
Stuxnet
Software
DEADEYE
Software
HermeticWiper
Software
TRISIS
Software
InvisiMole
Sourced from MITRE ATT&CK Enterprise 14.1. Curated by Adam Lundqvist, SQUR.