The nation-backed hacker group behind the TRITON/TRISIS malware attack is increasing its nefarious activity, putting critical infrastructure systems in danger of future cyber attacks, according to Dragos Security.
The group, which the security firm tracks as XENOTIME, not only remains active, but also appears to be widening its scope of potential attacks, Dragos said in a blog posted Thursday. Dragos researchers said they had “moderate confidence” that the XENOTIME group was seeking access to systems and capabilities to carry out a future disruptive—or even destructive—attack.

The link for this article located at The Security Ledger is no longer available.