Israel Hit by New Siphon Malware Targeting Critical Infrastructure
Malicious Software Targets Israeli Water Treatment and Desalination Facilities
A newly discovered malware, dubbed ZionSiphon, has been found to specifically target operational technology (OT) systems at water treatment and desalination facilities in Israel.
- This sophisticated malicious software is designed to infiltrate industrial control systems and manipulate critical processes such as chlorine levels and water pressure.
- According to security researchers, ZionSiphon spreads through USB devices, exploiting removable-media propagation mechanisms to reach industrial systems.
- Upon successful infection, the malware checks for administrative privileges on the compromised device using a “RunAsAdmin()” function.
- To maintain persistence, it creates a registry key named “SystemHealthCheck.”
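A defender can hunt for the persistence artifact named above in registry telemetry. The following is an added example, not code from the article or the researchers: it scans Sysmon registry events (IDs 12, 13, 14) for "SystemHealthCheck" as a whole key or value name. The article does not give the registry location, so any path is matched; the flattened JSON-lines export shape, host names and paths in the sample are constructed assumptions.

```python
import json

# Name reported in the article. Its registry location is not given there, so
# it is matched as any whole path component (key name or value name).
IOC_NAME = "systemhealthcheck"
# Sysmon registry events: 12 key create/delete, 13 value set, 14 rename.
REGISTRY_EVENT_IDS = {12, 13, 14}

# Constructed sample input; the flattened JSON-lines shape is an assumption.
SAMPLE_LOG = r"""
{"EventID": 13, "Computer": "hmi-01", "Image": "E:\\setup.exe", "TargetObject": "HKLM\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\SystemHealthCheck"}
{"EventID": 12, "Computer": "eng-ws-02", "Image": "C:\\Windows\\regedit.exe", "TargetObject": "HKLM\\SOFTWARE\\systemhealthcheck\\Config"}
{"EventID": 13, "Computer": "hmi-01", "Image": "C:\\Vendor\\agent.exe", "TargetObject": "HKLM\\SOFTWARE\\Vendor\\SystemHealthCheckerPro\\Enabled"}
{"EventID": 1, "Computer": "hmi-03", "Image": "C:\\Windows\\System32\\cmd.exe", "CommandLine": "echo SystemHealthCheck"}
truncated line, not valid JSON
"""


def find_persistence_hits(log_text):
    """Return (hits, skipped): matching registry events and unparseable line count."""
    hits, skipped = [], 0
    for line in log_text.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            skipped += 1  # keep count so gaps in the export are visible
            continue
        if not isinstance(event, dict) or event.get("EventID") not in REGISTRY_EVENT_IDS:
            continue
        # Event 14 carries the post-rename path in NewName; check both fields.
        for field in ("TargetObject", "NewName"):
            parts = [p.lower() for p in str(event.get(field, "")).split("\\")]
            if IOC_NAME in parts:
                hits.append({"host": event.get("Computer"), "image": event.get("Image"),
                             "event_id": event["EventID"], "path": event[field]})
                break
    return hits, skipped


if __name__ == "__main__":
    found, bad_lines = find_persistence_hits(SAMPLE_LOG)
    for hit in found:
        print(hit)
    print("unparseable lines:", bad_lines)
```

Matching on whole path components keeps similarly named vendor keys out of the results, and the skipped-line count shows when the export itself is incomplete.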
The developers of ZionSiphon identify themselves as 0xICS and reference Dimona, a city known for its nuclear research center; the malware also contains hidden messages expressing support for Iran, Yemen, and Palestine. Despite its mistakes, the malware remains a significant concern for organizations operating critical infrastructure in Israel and highlights the importance of robust cybersecurity measures to prevent such attacks.
Targeted Locations:
- Sorek
- Hadera
- Ashdod
- Shafdan
- Palmachim
The discovery of ZionSiphon serves as a reminder of the increasing sophistication and specificity of cyber threats targeting critical infrastructure. As a result, organizations must prioritize proactive defense strategies and stay vigilant against emerging threats like ZionSiphon.
