Avast WEBforum

Business Products => Avast Business => Topic started by: REDACTED on January 03, 2018, 03:52:32 PM

Title: TRITON/TRISIS malware
Post by: REDACTED on January 03, 2018, 03:52:32 PM

Can anyone confirm if the current release of definitions for Avast! Endpoint Protection protects against the TRITON/TRISIS malware (also known as HatMan by ICS-CERT), which targets Triconex safety controllers?

If not, when can we expect to have protection from this?

Title: Re: TRITON/TRISIS malware
Post by: Pondus on January 03, 2018, 04:40:52 PM

Quote from: MGuerra on January 03, 2018, 03:52:32 PM

Can anyone confirm if the current release of definitions for Avast! Endpoint Protection protects against the TRITON/TRISIS malware (also known as HatMan by ICS-CERT), which targets Triconex safety controllers?

If not, when can we expect to have protection from this?

Of course ... this is what antivirus vendors work with 24/7

https://www.virustotal.com/#/file/e8542c07b2af63ee7e72ce5d97d91036c5da56e2b091aa2afe737b224305d230/detection

https://www.symantec.com/blogs/threat-intelligence/triton-malware-ics

https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html

https://www.trendmicro.com/vinfo/gb/security/news/cyber-attacks/triton-wielding-its-trident-new-malware-tampering-with-industrial-safety-systems