Get all your news in one place.

100’s of premium titles.
One app.

Get all your news in one place.

100’s of premium titles. One news app.

Axios

Joe Uchill

Xenotime, the hackers behind destructive malware, is doing recon on U.S. electric utilities

Photo: YinYang via Getty Images

Xenotime, the notorious group behind the Triton malware designed to disable safety systems at petrochemical plants, has started to do reconnaissance at electric utilities, including those in the U.S, according to industrial systems cybersecurity firm Dragos.

Why it matters: Triton, also called Trisis, was designed to be not only destructive, but be destructive in a way that could kill people. In fact, there are only three other groups known to successfully, deliberately disrupt industrial control systems.

To be clear: We don't know that any U.S. electric utilities have been breached. Trisis has been observed doing some of the slow, deliberate groundwork to launch an attack.

Background: Triton was first seen in an attack a Saudi petrochemical facility. It hasn't been seen in any subsequent attack, though the same group behind the attack has still been active.

Because industrial control system attacks need to be extensively targeted against highly specialized equipment, this is believed to be the first time an attacker group switched from one sector to another — petrochemical to electricity.
While there are links between one component of the malware and a Russian research organization, no one has formally linked the malware to the Russian government. Hackers can be hired, borrow code or copy it from previous attacks.

Sign up to read this article

Read news from 100’s of titles, curated specifically for you.

Already a member? Sign in here

Top stories on inkl right now

Harrowing 911 calls from ICE detention center reveal children unable to breathe, suffering seizures and broken bones: report

Harrowing 911 calls from ICE detention center reveal children unable to breathe, suffering seizures and broken bones: report

Texas emergency crews dispatched nearly a dozen times in six months, according to call logs

The Independent UK

Democrats outraged at US military’s downing of CBP drone near Mexico border

Democrats outraged at US military’s downing of CBP drone near Mexico border

It was second time in two weeks US military used laser to shoot down what it mistakenly thought was a threat, disrupting air traffic

The Guardian - US

Trump officials move to kill system that protects US from chemical disasters

Trump officials move to kill system that protects US from chemical disasters

EPA rolls back rules as chemical firms claim provisions in RMP protection system too expensive to implement

The Guardian - US

US urges its citizens to leave Israel immediately amid strike threat to Iran

US urges its citizens to leave Israel immediately amid strike threat to Iran

Department of State authorises non-essential officials to leave, with embassy staff told to book flights to anywhere

The Guardian - UK

One subscription that gives you access to news from hundreds of sites

Already a member? Sign in here

Most US coal plants could meet air pollution rules. Trump weakened them anyway

Most US coal plants could meet air pollution rules. Trump weakened them anyway

EPA found only 27 of 219 plants needed upgrades; 71 later got exemptions as Donald Trump scrapped mercury limits

The Guardian - US

IRS Leaked Taxpayer Secrets To ICE 42,695 Times, Judge Rules In Explosive Privacy Blow

IRS Leaked Taxpayer Secrets To ICE 42,695 Times, Judge Rules In Explosive Privacy Blow

A federal judge ruled that the IRS violated federal law by disclosing confidential taxpayer information to ICE, sparking legal challenges over data-sharing practices.

International Business Times UK

Related Stories

Top stories on inkl right now

Harrowing 911 calls from ICE detention center reveal children unable to breathe, suffering seizures and broken bones: report

Harrowing 911 calls from ICE detention center reveal children unable to breathe, suffering seizures and broken bones: report

Texas emergency crews dispatched nearly a dozen times in six months, according to call logs

The Independent UK

Democrats outraged at US military’s downing of CBP drone near Mexico border

Democrats outraged at US military’s downing of CBP drone near Mexico border

It was second time in two weeks US military used laser to shoot down what it mistakenly thought was a threat, disrupting air traffic

The Guardian - US

Trump officials move to kill system that protects US from chemical disasters

Trump officials move to kill system that protects US from chemical disasters

EPA rolls back rules as chemical firms claim provisions in RMP protection system too expensive to implement

The Guardian - US

US urges its citizens to leave Israel immediately amid strike threat to Iran

US urges its citizens to leave Israel immediately amid strike threat to Iran

Department of State authorises non-essential officials to leave, with embassy staff told to book flights to anywhere

The Guardian - UK

One subscription that gives you access to news from hundreds of sites

Already a member? Sign in here

Most US coal plants could meet air pollution rules. Trump weakened them anyway

Most US coal plants could meet air pollution rules. Trump weakened them anyway

EPA found only 27 of 219 plants needed upgrades; 71 later got exemptions as Donald Trump scrapped mercury limits

The Guardian - US

IRS Leaked Taxpayer Secrets To ICE 42,695 Times, Judge Rules In Explosive Privacy Blow

IRS Leaked Taxpayer Secrets To ICE 42,695 Times, Judge Rules In Explosive Privacy Blow

A federal judge ruled that the IRS violated federal law by disclosing confidential taxpayer information to ICE, sparking legal challenges over data-sharing practices.

International Business Times UK

Our Picks

Cara Delevingne's 'second coming' of womanhood

Cara Delevingne has been going through her "second coming of being a woman" because she finally appreciates clothes and make-up.

Website Claiming to Track Women's 'Body Count' Draws Backlash From Thousands; Calls it 'Misogynistic'

A new AI website, Checkhercount.com, is under fire for estimating women's sexual history from Instagram profiles, raising privacy and misogyny concerns.

International Business Times UK

‘The way we love them in life is the way we love them in death’: a Gullah Geechee community fights for their cemetery

In a win for the Gullah Geechee people on St Helena Island in South Carolina, access to a long-used cemetery has been restored

The Guardian - US

Baseball should be riding high. Instead the salary cap debate has it gearing up for war

As a potential 2027 stoppage looms, MLB owners argue a wage cap is vital for parity. In truth, it’s just another way to boost their assets and fleece fans

The Guardian - US

5 Photos of Pink and Husband Carey Hart Defy Rumors as She Calls Out Outlets Reporting Separation

Pink debunks divorce rumors with a witty Instagram post, slamming tabloids for misinformation and celebrating her Rock & Roll Hall of Fame nomination. Discover the truth behind the headlines.

International Business Times UK

Michael Caine’s voice is iconic. Why would he sell that to AI?

Few actors are imitated as often as Michael Caine. Even Michael Caine has imitated Michael Caine.

The Conversation

Fourteen days free

Download the app

One app. One membership.
100+ trusted global sources.

Download on the AppStore

Get it on Google Play