A U.S. cybersecurity company says the hacking group behind a worrying breed of destructive software is operating well beyond the Middle East, raising the possibility that it is laying the groundwork for dangerous cyberattacks around the world.
Dragos Inc. said in a blog post Thursday that the group, which it dubs Xenotime, was behind the Trisis brand of malware that targets a special subset of industrial equipment tasked with keeping machinery operating safely.
Dragos first described how Trisis worked in a blog post published in December. Reporting by CyberScoop and The New York Times later tied the malware to the closure of an energy plant in Saudi Arabia.
Dragos offers virtually no detail to support its new warning, but the Maryland-based company is well known in the industrial cybersecurity space.