Cybercriminals are finding new methods to compromise energy companies and other critical industries with custom malware, exploiting legitimate apps. Instead of trying to hack the company directly, hackers are finding success in hacking software providers to hack vendors, according to security firm F-Secure.
The "Havex" malware previously hit the energy sector, and is now being used to target companies in Europe. An industrial machine producer and two educational organizations in France, with companies in Germany also hit.
"During the spring of 2014, we noticed that Havex took a specific interest in Industrial Control Systems (ICS) and the group behind uses an innovative Trojan horse approach to compromise victims," said F-Secure in a blog post. "The attackers have Trojanized software available for download from ICS/SCADA manufacturer websites in an attempt to infect the computers where the software is installed to."
There are more than 88 variants of the malware used to "gain access to, and harvest data from, networks and machines of interest," according to F-Secure. The tactic has been highly beneficial as hackers continue to evolve.