IOC Details

havex ics_scada espionage malware
 by @iocbucket

short description:

Havex (ICS-SCADA) espionage malware

long description:

Havex, a relatively generic remote access trojan (RAT), is delivered to victims via spam emails and exploit kits. To maximize the likelihood that the right people would get infected, the attackers have also poisoned a few online watering holes. Havex manipulates the OPC protocol. OPC is often used to transfer process data between systems from different vendors. Almost every ICS made in the last decade has an OPC interface; it is the ICS universal translator. The Havex RAT is distributed through at least the following channels: spam email, exploit kits, and trojanized installers.
