Malware hyped as aimed at the head of power plants is nothing of the sort, according to security outfit Damballa, which has put its name to analysis claiming the “SFG” malware is run-of-the-mill code without sufficient smarts to target SCADA systems. The so-called SFG malware is the spawn of Furtim, and hit headlines as targeting industrial control systems when all it does is create backdoors for regular data exfiltration and payload dropping. Security outfit SentinelOne Labs found SFG and said it spotted the code infecting systems owned by a European energy company. SentinelOne said those attacks looked like the work of a nation-state. But Damballa says the malware is a regular financially driven menace that lacks SCADA (supervisory control and data acquisition) targeting.
ORIGINAL SOURCE: The Register