Triton: The world's most dangerous malware

The year 2019 has seen the birth of many rather exceptional things. Among them, the "Triton" virus considered by the general impression to be the most dangerous computer program in the world.

It would consist of a set of viruses and malware precisely constructed by a group of hackers called "Xenotime".

This article will also interest you: A flaw in Kaspersky software that allows websites to collect personal data about users

It has been used most often in attacks against industrial or energy buildings of very large such as chemical plants, processing plants, chemical plants, water or power plants. In the clear of the infrastructure first order. Its discovery was due to a fortuitous case. In other words, it is the chance that allowed us to discover it.

What makes triton special is that it directly attacks the security system of the target infrastructure. Last April, hackers used to attack Schneider Electric's system. A system that was designed to withstand different types of attacks, and quickly adapt to security vulnerabilities. The luck for the proponents of the structure was that the operating stops of their machines caught the attention of security officers. One can imagine the damage it could have caused if the pirates had come to their ends

It was the same for an attack on a petrochemical plant located in Saudi Arabia, known as "Petro Fibigh." Faced with this intrusion that revealed its existence, this malware has managed to circumvent or even destroy security measures that are supposed to protect the building in the event of a major problem. If they had wanted, with just one click, hackers, publishers program could have caused an explosion of chemicals or toxic releases that can cause immense damage.

The group of pirates continued its outbursts. in April 2019, computer security company FireEyes intervened in a attack caused by the same program used for the power plant in Saudi Arabia Saudi.

In addition, a company specialising in cybersecurity called Dragos, publicly announced that the hackers components Xenotime would undoubtedly be Russian pirates, under the direction of the state Russian. Dragos added that other infrastructure located Europe and the United States were targeted by the latter.

Indeed, in collaboration with the institution E-ISAC (Electric Information Sharing and Analysis Center), they found traces of this group on one of the systems controlling the network U.S. electric power.

About 20 structures affected by electricity supply have already been inspected by a distance by Xenotime. Surely looking for a potential loophole to exploit. At least we know that it is about to carry out a large-scale attack.

Also the defense systems are on alert. On June 15, the New York Times reported that all U.S. specialized agencies were going to war to counter-attack with the placement in the Russian system of potentially crippling malware, at a depth and with aggression that had never been seen before."

Now access an unlimited number of passwords: