Do you still remember Stuxnet?
The objectives of this new threat are identical but more ambitious and destructive.
The malware was thus baptized to be confused with the legitimate app that is called Triconex Trilog.
This program is used to evaluate logs and is part of the TriStation toolkit.
Inside the .exe (trilog.exe we can find a set of libraries, TsHi, TsBase and TsLow).
TsHi is a high-level interface that allows attackers to operate the attack using the TRITON framework.
Finally, TsLow is an additional communication module that makes use of the UDP transport protocol.
To do this, it uses the ICMP protocol.
So, what do you think about this?
Simply share your views and thoughts in the comment section below.
