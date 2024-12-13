Researchers at industrial cybersecurity provider Claroty have discovered a new tool nation-state cyber threat actors use to attack civilian critical infrastructure.

Team82, Claroty’s threat intelligence research team, obtained a sample of IOCONTROL, custom-built malware that infects Internet of Things (IoT) and operational technology (OT) systems.

Team82 has assessed that IOCONTROL is part of a global cyber operation against Western IoT and OT devices.

They shared their findings in a new report published on December 10.

The malware sample was extracted from a fuel management system allegedly compromised by the CyberAv3ngers, a threat group believed to be part of Iran’s Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC). The same group is said to be responsible for the Unitronics attack in the fall of 2023.