Top
image credit: Christiaan Colen / Flickr

U.S. Treasury Sanctions Russian Institute Linked to Triton Malware

October 26, 2020

Initially identified in 2017 on the systems of a Saudi Arabian oil and gas company and also referred to as Trisis and HatMan, Triton is known for the targeting of Schneider Electric’s Triconex Safety Instrumented System (SIS) controllers.

Referred to by some as Xenotime, the threat actor behind the malware is believed to have been active since at least 2014, and at one point it expanded activities to Australia, Europe, and the US, and added electric utilities to its target list.

Read More on Security Week