Pipedream Malware Toolkit Targets Vital Industrial Systems

Teodora Dobrilova
Teodora Dobrilova

Updated · Apr 15, 2022

SHARE:

Techjury is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more.

Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory (CSA) on Wednesday, warning about the new threat.

Targeting ICS/SCADA Devices

Hackers are using the malware toolkit to scan for, compromise, and control devices that they have gained access to. 

In addition, they compromise Windows-based engineering workstations present in IT or OT environments. That way, they gain and maintain full system access to ICS/SCADA devices.

As a result, wrongdoers can elevate privileges, so that they can move laterally within an OT environment. 

The toolkit they use has a modular architecture, which enables hackers to disrupt critical devices or functions. It also has a virtual console with a command interface. It mirrors the interface of the targeted ICS/SCADA device.

This means that hackers can:

  • conduct reconnaissance on device details 
  • upload malicious configuration/code 
  • back up or restore contents
  • modify device parameters

They also use a tool that installs and exploits a known-vulnerable ASRock-signed motherboard driver - AsrDrv103.sys. It executes malicious code in the Windows Kernel via  CVE-2020-15368. 

The authorities are urging critical infrastructure organizations, mainly those in the Energy Sector, to take measures. The CSA provided recommendations to harden ICS/SCADA devices’ security.

Sources.

SHARE:

Teodora Dobrilova

Teodora Dobrilova

Teodora devoted her whole life to words – reading, writing and trying to be original on social media. She got certified in digital marketing but still feels she’s not cool enough to be an influencer. (We all disagree – she influences the team pretty well.) She finished a master’s degree focused in Literature, Publishing, Mass Media. Her hobbies include traveling, and reading. Teddy hopes that yoga will be the thing to finally teach her some patience and show her the path toward world domination. Maybe modern tech can also help her with that.

Leave your comment

Your email address will not be published.