New cyber grouping Hexane attacks industrial enterprises in the Middle East

✨ Megiddo

✨ President ✨
Staff member
May 15, 2016

Criminals bypass the protection of objects through trusted suppliers, compromising devices and software.

Dragos security researchers have identified a new cybercrime group, dubbed Hexane, aimed at industrial control systems in enterprises in the oil and gas and telecommunications sectors.

According to experts, the attackers began their criminal activities in the middle of 2018, and use malicious documents to penetrate the network. In the first half of 2019, the group concentrated attacks on oil and gas companies in the Middle East, mainly in Kuwait. The criminals also attempted attacks on TV providers in the countries of the Middle East, Central Asia and Africa.

According to experts, the criminals bypass the protection of objects through trusted suppliers, compromising the devices, software and telecommunications networks used by the targets in the framework of the process control system.

Hexan’s criminal activities show similarities with the attacks of the Magnallium (APT33) and Chrysene factions, since they all target oil and gas facilities and use similar methods. Chrysene focuses on companies and organizations in North America, Europe, Israel and Iraq, and uses sophisticated malware not only for attacks, but also for espionage. In June of this year, the hacker grouping Xenotime expanded its list of targets to include energy companies in the United States and countries of the Asia-Pacific region. Last year a team of specialists from Dragosincluded theabove groups in the list of groups representing the greatest danger to the process control system.
Top Bottom