IOCONTROL

Description

(Claroty) Team82 obtained a sample of a custom-built IoT/OT malware called IOCONTROL used by Iran-affiliated attackers to attack Israel- and U.S.-based OT/IoT devices.

IOCONTROL has been used to attack IoT and SCADA/OT devices of various types including IP cameras, routers, PLCs, HMIs, firewalls, and more. Some of the affected vendors include: Baicells, D-Link, Hikvision, Red Lion, Orpak, Phoenix Contact, Teltonika, Unitronics, and others.

We’ve assessed that IOCONTROL is a cyberweapon used by a nation-state to attack civilian critical infrastructure.

Names

Name
IOCONTROL

Type

ICS malware

Information

https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol
https://therecord.media/us-offers-reward-for-iran-hacker-iocontrol-malware

Other Information

Uuid

71b633fc-7f76-4c90-bb94-c1ce6ba1a591

Last Card Change

2025-06-28

Threat Intelligence Garden

Explorer

IOCONTROL

IOCONTROL

Description

Names

Category

Type

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks