Triton malware compromises critical infrastructure again

Cybersecurity experts from FireEye have published a report explaining that Triton malware has been used again, after the 2017 attack, to compromise an undisclosed critical infrastructure installation.

The threat is designed to explore the target networks and sabotage their Industrial Control Systems, often used in power plants and oil refineries and thus gain control over facility operations.

In addition, research indicates that the malware had been latent for about a year, during which it had been studying network configuration and how to swivel from one system to another before launching the attack.