Industroyer

Industroyer (also referred to as Crashoverride) is a malware framework considered to have been used in the cyberattack on Ukraine's power grid on 17 December 2016. The attack cut power to a fifth of Kyiv, the capital, for one hour and is considered to have been a large-scale test. The Kyiv incident was the second cyberattack on Ukraine's power grid in two years; the first occurred on 23 December 2015. Industroyer is the first known malware specifically designed to attack electrical grids. It is also the fourth malware publicly revealed to target industrial control systems, after Stuxnet, Havex, and BlackEnergy.

The malware was discovered by the Slovak internet security company ESET. ESET and most cybersecurity companies detect it under the name "Industroyer"; the cybersecurity firm Dragos named it "Crashoverride". In 2022, the Russian hacker group Sandworm initiated a blackout in Ukraine using a variant of Industroyer aptly dubbed Industroyer2.

The detailed analysis of Industroyer revealed that the malware was designed to disrupt the working processes of industrial control systems, specifically those used in electrical substations. Industroyer is modular malware; its main components are the following:
