Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware
Common Information
Type Value
UUID 22c64ee5-0d82-4c37-ac3e-8c25b24674eb
Fingerprint 741326e4fbc51ab41e106a049572fa380ad7b01037f9e364be260067feb5194b
Analysis status DONE
Considered CTI value 2
Text language
Published Nov. 27, 2023, 1:35 p.m.
Added to db March 10, 2024, 6:15 a.m.
Last updated Aug. 31, 2024, 1:34 a.m.
Headline Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware
Title Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware
Detected Hints/Tags/Attributes 212/4/152
Attributes