Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology [Thursday, November 9, 2023]

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology [Thursday, November 9, 2023]
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/ATTACK-REPORT-LOGO-2.png
Report

Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology

Description :
Details of a disruptive cyber physical incident in which the Russia-linked threat actor Sandworm targeted a Ukrainian critical infrastructure organization. This incident was a multi-event cyber attack that leveraged a novel technique for impacting industrial control systems (ICS) / operational technology (OT).

Published :
2023-11-09T14:13:49.653Z

Created :
2023-11-09T14:13:49.653Z

Modified :
2023-11-09T14:30:27.903Z

Tags

  • russia
  • powershell
  • sandworm
  • ukraine
  • wiper
  • caddywiper
  • partyticket
  • microscada
  • gogetter
  • variant
  • scil

Indicators

IPv4s :
  • 176.119.195.115
  • 176.119.195.113
  • 190.2.145.24
  • 82.180.150.197
Hashes :
  • 50c0bae4b9e827afb0e888c481fe3b091d7003f7
  • 5e930d9f5b2b8943f02206a15efa9b9491cee995
  • 46adb27b4e8823250cbd29f63b695079cccfd326
  • 5cbad1680babb4e71c75ed3259857e29dd1edb1c
  • 7e5af65d8d248d5bfa71e828a7186cd1cdd0cea3
  • 692b505a3a5efb4b0b1f0a72e2d8dbebe2afb3d3
Attacks Pattern :
  • T1072
  • T1036
  • T1053
  • T1566
  • T1543
  • T1105
  • T1059
External References :

You can download the txt file containing the indicators by clicking on the button below:

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.