Security News > 2020 > October > U.S. Treasury Sanctions Russian Institute Linked to Triton Malware
The United States Department of the Treasury's Office of Foreign Assets Control has announced sanctions against a Russian government institute connected to the destructive Triton malware.
Initially identified in 2017 on the systems of a Saudi Arabian oil and gas company and also referred to as Trisis and HatMan, Triton is known for the targeting of Schneider Electric's Triconex Safety Instrumented System controllers.
In 2018, FireEye associated Triton with the Russian technical research organizations Central Scientific Research Institute of Chemistry and Mechanics.
Pursuant to section 224 of the Countering America's Adversaries Through Sanctions Act, the Treasury Department designated TTsNIIKhM "For knowingly engaging in significant activities undermining cybersecurity against any person, including a democratic institution, or government on behalf of the Government of the Russian Federation."
"Nathan Brubaker, senior manager of analysis at Mandiant Threat Intelligence, commented,"TRITON malware was designed to disable the safety systems which form one of the last lines of protection in industrial systems.
News URL
Related news
- Suspected Russian Data-Wiping 'AcidPour' Malware Targeting Linux x86 Devices (source)
- Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded 'AcidPour' Malware (source)
- Russian hackers target German political parties with WineLoader malware (source)
- Russian Hackers Use 'WINELOADER' Malware to Target German Political Parties (source)