Hackers are targeting power generator systems with ransomware. There have been recent ransomware attacks on electric utilities. The SystemBC malware, responsible for the Colonial Pipeline incident, is being deployed. A South African electric utility's infrastructure was targeted with a new variant of the SystemBC payload. The current variant of SystemBC has a proxy-capable backdoor and changes maliciously. DroxiDat is the payload component of SystemBC and has important capabilities such as encrypted communication with the C2 and creating/deleting registry keys. The attack is believed to have been carried out by a Russian-speaking cybercrime unit. #cyberattack #cybersecurity
https://cybersecuritynews.com/power-generator-systems-ransomware/