Targeted industrial control systems-themed malware is less prevalent yet persistent, including one variant posing as Siemens PLC firmware that has been in action since 2013, researchers find.
A piece of crimeware posing as legitimate Siemens PLC software has been in circulation for four years by an unknown attack group attempting to infect industrial networks mainly in the US.
The backdoor malware is packaged to appear as a Siemens programmable logic controller installer file, and around 10 industrial sites have reported coming across the targeted attack campaign, seven of which are located in the US as well as some in Europe and China, according to new research from Dragos.
