The cybersecurity firm FireEye said the attack on a Saudi industrial was linked to Russia’s Central Scientific Research Institute of Chemistry and Mechanics facility in Moscow.
FireEye claims to have discovered evidence that proves the involvement of Russia’s Central Scientific Research Institute of Chemistry and Mechanics in the development of the TRITON malware that caused some industrial systems to unexpectedly shut down last year, including a petrochemical plant in Saudi Arabia.
FireEye said it linked the attack to the Russian Research Institute through clues such as IP addresses [18.104.22.168] and malware that revealed the online nickname of a hacker who worked for the lab.
The researchers also reported computer code malware TRITON were written in Cyrillic and noted that the attackers kept Moscow working
Neither Russian government nor the Russian research institute has responded to the FireEye report, Russia’s response is
Recently the Department of Homeland Security and the FBI issued a joint report stating that the
The hackers behind Triton remained an active threat to critical infrastructure across the globe, as the malware is harmful and has the ability to cause severe, life-threatening damages to an organization or shut down its operations.