Havex Malware Hits ICS in Energy Sector

Subscribe To Read This Insight

3Q 2014 | IN-1019547

F-Secure Reveals Malware’s New Focus


F-Secure recently published some findings relating to the group behind the extensive Havex malware, an enduring remote access Trojan (RAT) that has seen a substantial number of iterations since 2011 (upwards of at least 30). This information-harvesting tool is particularly good at usurping credentials from web-facing resources and has been targeting predominantly European and U.S. energy organizations. CrowdStrike dubbed the group Energetic Bear in a 2013 report, in allusion to its Russian-based origins, while Symantec are calling them the Dragonfly group. F-Secure announced some interesting new tactics from the group, notably that a new variation of Havex has been targeting industrial control systems (ICS) used in energy companies.

SCADA under Fire


The Havex RAT has been s...

You must be a subscriber to view this ABI Insight.
To find out more about subscribing contact a representative about purchasing options.