A major cyberattack struck Lviv, Ukraine, disrupting central heating in over 600 apartment buildings for nearly two days.
The attack, which took place from January 22-23, involved malware identified as FrostyGoop.
This malware, reported by cybersecurity firm Dragos, specifically targets industrial control systems, particularly heating system controllers.
Dragos first detected FrostyGoop in April 2023 but initially believed it was merely a test.
The malware interacts with industrial control devices over Modbus, a widely used protocol, causing malfunctions without damaging the equipment.
This incident marks the ninth ICS-specific malware identified by Dragos, raising concerns about potential global impacts.
The hackers likely gained access through a vulnerable internet-exposed Mikrotik router and had been infiltrating the network since April 2023.
While Dragos has not attributed the attack to any specific group or government, it noted the use of Russian IP addresses.
The attack is considered a form of psychological warfare aimed at undermining Ukrainian morale through cyber means rather than physical destruction.
