Pipedream (toolkit)

From Wikipedia, the free encyclopedia

Pipedream is a software framework for malicious code targeting programmable logic controllers (PLCs) and industrial control systems (ICS).[1] First publicly disclosed in 2022, it has been described as a "Swiss Army knife" for hacking.[1] It is believed to have been developed by state-level Advanced Persistent Threat actors.[1]

The name "Pipedream" was given by the cybersecurity company Dragos;[2] the cybersecurity company Mandiant uses the name "Incontroller".[3][4] It has been compared with the Industroyer toolkit used in the December 2015 Ukraine power grid cyberattack.[3] Dragos refers to the authors of the software as Chernovite.[5]

Details

The toolkit consists of custom-made tools that, once the actors have established initial access in an operational technology (OT) network, enable them to scan for, compromise, and control certain ICS/SCADA devices, including the following:[6]

The toolkit has a modular architecture and enables cyber actors to conduct highly automated exploits against targeted devices. The tools have a virtual console with a command interface that mirrors the interface of the targeted ICS/SCADA device. Modules interact with targeted devices, enabling operations by lower-skilled cyber actors to emulate higher-skilled actor capabilities.[6]

APT actors can leverage the modules to scan for targeted devices, conduct reconnaissance on device details, upload malicious configuration/code to the targeted device, back up or restore device contents, and modify device parameters.[6]

In addition, the APT actors can use a tool that installs and exploits a known-vulnerable ASRock-signed motherboard driver, AsrDrv103.sys, exploiting CVE-2020-15368 to execute malicious code in the Windows kernel. Successful deployment of this tool can allow APT actors to move laterally within an IT or OT environment and disrupt critical devices or functions.[6]
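
A defender-side check for the driver described above, as an added example that is not part of the original article: it triages driver-load records shaped like Sysmon Event ID 6 (fields Computer, ImageLoaded, Signature) for AsrDrv103.sys or any other ASRock-signed driver. The sample records, host names, signer string and approved-host list are constructed assumptions.

```python
import ntpath

# Taken from the article: the driver's file name and the vendor that signed it.
DRIVER_NAME = "asrdrv103.sys"
SIGNER_HINT = "asrock"

# Assumption: hosts where ASRock utilities are approved (hypothetical inventory).
APPROVED_HOSTS = {"lab-bench-07"}

def triage_driver_load(event):
    """Return (severity, reasons) for one driver-load record, or None if unrelated."""
    name = ntpath.basename(event.get("ImageLoaded") or "").lower()
    signer = (event.get("Signature") or "").lower()
    reasons = []
    if name == DRIVER_NAME:
        reasons.append("file name matches AsrDrv103.sys")
    if SIGNER_HINT in signer:
        reasons.append("signed by ASRock")
    if not reasons:
        return None
    if name != DRIVER_NAME:
        # A file name is trivially changed, so the signer match is kept on its own.
        reasons.append("file name differs, possible renamed copy")
    host = (event.get("Computer") or "").lower()
    severity = "review" if host in APPROVED_HOSTS else "high"
    return severity, reasons

def scan(events):
    """Triage every record and return (host, image, severity, reasons) per hit."""
    hits = []
    for ev in events:
        verdict = triage_driver_load(ev)
        if verdict:
            hits.append((ev["Computer"], ev["ImageLoaded"], *verdict))
    return hits

# Constructed sample records (not real telemetry).
SAMPLE_EVENTS = [
    {"Computer": "eng-ws-01", "ImageLoaded": r"C:\Windows\Temp\AsrDrv103.sys", "Signature": "ASRock Incorporation"},
    {"Computer": "hmi-02", "ImageLoaded": r"C:\Users\Public\svc.sys", "Signature": "ASRock Incorporation"},
    {"Computer": "lab-bench-07", "ImageLoaded": r"C:\Windows\System32\drivers\AsrDrv103.sys", "Signature": "ASRock Incorporation"},
    {"Computer": "eng-ws-01", "ImageLoaded": r"C:\Windows\System32\drivers\tcpip.sys", "Signature": "Microsoft Windows"},
]

if __name__ == "__main__":
    for host, image, severity, reasons in scan(SAMPLE_EVENTS):
        print(f"[{severity}] {host}: {image} ({'; '.join(reasons)})")
```

Matching on a file hash would be stronger than name or signer; the article gives none, so the check leaves it out.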

References

  1. Greenberg, Andy. "Feds Uncover a 'Swiss Army Knife' for Hacking Industrial Systems". Wired. ISSN 1059-1028. Retrieved 2022-04-15.
  2. "CHERNOVITE's PIPEDREAM Malware Targeting Industrial Control Systems (ICS)". www.dragos.com. 2022-04-13. Retrieved 2022-04-15.
  3. Page, Carly (14 April 2022). "State-backed hackers have developed custom malware". TechCrunch. Retrieved 2022-04-15.
  4. "INCONTROLLER: New State-Sponsored Cyber Attack Tools Target Multiple Industrial Control Systems". www.mandiant.com. Retrieved 2022-04-15.
  5. "CHERNOVITE Threat Activity Group". www.dragos.com. 2022-04-13. Retrieved 2022-04-15.
  6. "APT Cyber Tools Targeting ICS/SCADA Devices". www.cisa.gov. Retrieved 2022-04-15.
This page was last edited on 15 December 2022, at 02:54
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.