Russian-linked malware was used in a January 2024 cyberattack to cut off the heating of over 600 apartment buildings in Lviv, Ukraine, for two days during sub-zero temperatures.
According to an LB.UA report, the attack forced district heating company Lvivteploenergo to disconnect heating services on January 23, impacting over 100,000 people across Lviv's Sykhiv residential area.
FrostyGoop, the Windows malware used in this attack, is designed to target industrial control system (ICS) using the Modbus TCP communications, a standard ICS protocol across all industrial sectors.
It was first discovered by cybersecurity company Dragos in April 2024, whose researchers initially believed it was still under testing. However, Ukraine's Cyber Security Situation Center (CSSC) shared details that the malware was being used in attacks and linked it with the January heating outage in Lviv.
1 comment