Security News > 2020 > October > U.S. Treasury Sanctions Russian Institute Linked to Triton Malware
The United States Department of the Treasury's Office of Foreign Assets Control has announced sanctions against a Russian government institute connected to the destructive Triton malware.
Initially identified in 2017 on the systems of a Saudi Arabian oil and gas company and also referred to as Trisis and HatMan, Triton is known for the targeting of Schneider Electric's Triconex Safety Instrumented System controllers.
In 2018, FireEye associated Triton with the Russian technical research organizations Central Scientific Research Institute of Chemistry and Mechanics.
Pursuant to section 224 of the Countering America's Adversaries Through Sanctions Act, the Treasury Department designated TTsNIIKhM "For knowingly engaging in significant activities undermining cybersecurity against any person, including a democratic institution, or government on behalf of the Government of the Russian Federation."
"Nathan Brubaker, senior manager of analysis at Mandiant Threat Intelligence, commented,"TRITON malware was designed to disable the safety systems which form one of the last lines of protection in industrial systems.
News URL
Related news
- Russian Espionage Group Targets Ukrainian Military with Malware via Telegram (source)
- Russian charged by U.S. for creating RedLine infostealer malware (source)
- Uncle Sam outs a Russian accused of developing Redline infostealing malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)