Russia-Linked Malware Disrupts Heating for 600 Ukrainian Buildings

The FrostyGoop malware attack left Lviv residents without heat for 48 hours during peak winter cold.

Dragos cybersecurity firm identified the malware, which altered temperature readings to switch off heating.
The attack targeted ENCO control devices using the insecure Modbus protocol.
Hackers accessed the utility's network months earlier via a MikroTik router vulnerability.
The malware was not hosted on the victim's network, complicating detection and prevention.
Dragos warns of thousands of vulnerable Modbus-enabled devices globally.