Symantec researchers have uncovered a malware campaign of a hacker group called “dragonfly” targeting the western energy sector. The hackers installed a trojan on computers belonging to energy companies in the US and Europe and therefore had remote access to their system.
According to Symantec, “among the targets were energy grid operators, major electricity generation firms, petroleum pipeline operators, and energy industry industrial equipment providers. The majority of the victims were located in the United States, Spain, France, Italy, Germany, Turkey, and Poland.”
Dragonfly spread one of the trojans called Havex by hacking websites of companies selling software used in industrial control systems (ICS). The campaign gave attackers the chance to spy on energy comapnies and also sabotage their systems. Symantec states that the malware campaign “follows in the footsteps of Stuxnet“.