IOC Details

havex ics_scada espionage malware
OpenIOC 1.0, by @iocbucket

sha1: f7cbe424b9bfb7ec5c3ce1b1cbe33e1850540814

short description: havex (ics-scada) espionage malware

long description:

Havex - a relatively generic remote access trojan (RAT) - gets delivered to victims via spam emails and exploit kits, but to maximize the likelihood that the right people would get infected, the attackers have also poisoned a few online watering holes. Havex manipulates the OPC protocol. OPC is often used to transfer process data between systems from different vendors. Almost every ICS made in the last decade has an OPC interface; it is the ICS universal translator. The Havex RAT is distributed through at least the following channels: spam email, exploit kits, and trojanized installers.