Malware Found on Indian Nuclear Plant Network
The Nuclear Power Corporation of India Ltd. (NPCIL) detected malware on its network earlier this year, but noted that the affected computer was part of the plant’s administrative network and isolated from the critical internal network.” NPCIL learned of the infection from the government’s cybersecurity agency in early September. Dtrack, the malware that was found on the computer, shares some code elements with malware used by a North Korean hacking group. (Please note that the WSJ story is behind a paywall.)
Read more in:
– www.zdnet.com: Confirmed: North Korean malware found on Indian nuclear plant’s network
Utah Renewable Energy Provider Hit with Cyberattack in March
sPower, a Utah renewable energy company, was hit with a cyberattack in March of this year, causing it to lose communication connections with several of its solar and wind power generation sites for brief periods of time. The March 5 attack is believed to be the first recorded cyberincident that caused a disruption to the power industry. The attackers exploited a known vulnerability in a Cisco firewall to create a denial-of-service condition
Read more in:
– www.cyberscoop.com: Utah renewables company was hit by rare cyberattack in March
Hackers Infect QNAP NAS Devices with Malware
Thousands of QNAP network-attached storage (NAS) devices have been infected with malware. The National Cyber Security Centre of Finland (NCSC-FI) detected the malware, known as QSnatch, last week. The malware’s capabilities include preventing firmware updates, preventing a malware removal app from running, and stealing usernames and passwords. Currently the only confirmed way to remove QSnatch from infected devices is to do a factory reset.
Read more in:
– www.zdnet.com: Thousands of QNAP NAS devices have been infected with the QSnatch malware
Facebook Sues NSO Group Alleging It Used WhatsApp Accounts to Infect Phones with Spyware
Facebook has filed a lawsuit against NSO Group, alleging that the company created WhatsApp accounts and used them to make calls to their targets, infecting them with Pegasus spyware. The alleged targets include lawyers, journalists, human rights activists, and political dissidents. (Please note that the WSJ story is behind a paywall.)
Read more in:
– faq.whatsapp.com: Protecting our users from a video calling cyber attack
– qz.com: A WhatsApp hack used Israeli spyware to target Rwandan dissidents