Hackers have targeted and successfully penetrated the operational networks of a number of energy companies in the United States and Europe, putting core aspects of power grids at risk, security researchers warn.
Symantec reported the hacking group developed trojanized versions of standard Windows applications that were used to infiltrate the vital systems.
The hacking group also delivered a trojan to targeted firms through malicious downloads disguised as an update to Adobe Flash Player. The updates may have been the result of social engineering, in which the attackers would contact the target and convince them an update was needed. The attackers would then send the target to a URL that hosts the disguised malicious file.
According to the security firm, dozens of utility companies in the U.S. were targeted by Dragonfly and a handful of them have been compromised on an operational level. Companies in Turkey and Switzerland may have also been penetrated.
Return To Article
