Author Topic: TRITON/TRISIS malware  (Read 2287 times)

0 Members and 1 Guest are viewing this topic.

Offline MGuerra

  • Newbie
  • *
  • Posts: 2
TRITON/TRISIS malware
« on: January 03, 2018, 03:52:32 PM »
Can anyone confirm if the current release of definitions for Avast! Endpoint Protection protects against the TRITON/TRISIS malware (also known as HatMan by ICS-CERT), which targets Triconex safety controllers?

If not, when can we expect to have protection from this?
M Guerra

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37130
Re: TRITON/TRISIS malware
« Reply #1 on: January 03, 2018, 04:40:52 PM »
Can anyone confirm if the current release of definitions for Avast! Endpoint Protection protects against the TRITON/TRISIS malware (also known as HatMan by ICS-CERT), which targets Triconex safety controllers?

If not, when can we expect to have protection from this?
Of course ... this is what antivirus vendors work with 24/7

https://www.virustotal.com/#/file/e8542c07b2af63ee7e72ce5d97d91036c5da56e2b091aa2afe737b224305d230/detection

https://www.symantec.com/blogs/threat-intelligence/triton-malware-ics

https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html

https://www.trendmicro.com/vinfo/gb/security/news/cyber-attacks/triton-wielding-its-trident-new-malware-tampering-with-industrial-safety-systems

« Last Edit: January 03, 2018, 05:00:32 PM by Pondus »