Cybersecurity researchers have uncovered a new dangerous malware designed to disrupt systems such as energy grids or other critical infrastructure.
Experts from Mandiant dubbed the malware CosmicEnergy, and believe it’s similar to previously-discovered Sandworm. Sandworm is a notorious Russian state-sponsored malware that was designed to target Ukrainian power grids back in 2016.
The key difference between CosmicEnergy and Sandworm is that the former wasn’t discovered after a security incident, but rather through threat hunting. Someone from Russia uploaded the malware to VirusTotal a year and a half ago, which is where Mandiant’s researchers picked it up.