Skip to main content
In April 2024, FrostyGoop, an ICS malware, was discovered in a publicly available malware scanning repository. FrostyGoop can target devices communicating over Modbus TCP to manipulate control, modify parameters, and send unauthorized command messages. Modbus is a commonly used protocol across all industrial sectors. 

The Cyber Security Situation Center (CSSC), a part of the Security Service of Ukraine, shared details with Dragos about a cyber attack that impacted a municipal district energy company in Lviv, Ukraine, in January 2024. At the time of the attack, this facility fed over 600 apartment buildings in the Lviv metropolitan area, supplying customers with central heating. Remediation of the incident took almost two days, during which time the civilian population had to endure sub-zero temperatures. Dragos assessed that FrostyGoop and internet-exposed ICS devices facilitated this attack. 

This brief provides a strategic summary of information on this OT threat and attack as reported in Dragos WorldView threat intelligence, with clear guidance for OT asset owners and operators. 

Discover More Resources Using Keyword Tags
Malware OT Cybersecurity OT Monitoring

Discover more resources.

Explore more resources to support you on your ICS cybersecurity journey.

Read our next report

Reports

OT Cyber Threat Intelligence Report: Manufacturing Threat Perspective

View Reports
Right Arrow

View more reports

Right Arrow

See the Dragos Platform in Action

Take the next step to protect your OT environment now with a free demo