Summary of the report:
In October 2019, several of the world’s largest manufacturers encountered instances of infection. Attackers used malware variants to compromise a set of embedded IoT (Internet of Things) devices. The infection targeted a range of devices, from smart printers and smart TVs to heavy operational equipment such as Automatic Guided Vehicles (AGV). Infected devices are at risk of malfunctioning, creating risks to safety, disruption of the supply chain, and data loss. The malware used in the campaign is a self-spreading downloader that runs malicious scripts as part of the Lemon_Duck PowerShell malware variant family.
TrapX Labs conducted extensive research on this fileless malware campaign, which uses infected slaves for crypto-mining.