Security Software & Equipment Store

Tuesday, July 12, 2016

SFG: Furtim’s Parent Malware Cyber Targets Energy Grid in Europe and the US

SentinelOne has found and analyzed the dropper framework of the Furtim malware discovered last May. It describes this as the mother ship, and has named it SFG: Furtim's Parent. In a blog post, SentinelOne indicates it was discovered targeting 'at least one European energy company', and describes it as highly sophisticated malware that could be used "to extract data or insert the malware to potentially shut down an energy grid."

Security researchers have discovered a new malware threat that goes to great lengths to remain undetected while targeting energy companies. The malware program, which researchers from security firm SentinelOne have dubbed Furtim’s Parent, is a so-called dropper -- a program designed to download and install additional malware components and tools. The researchers believe it was released in May and was created by state-sponsored attackers.

The goal of droppers is to prepare the field for the installation of other malware components that can perform specialized tasks. Their priority is to remain undetected, gain privileged access and disable existing protections. These are all tasks that Furtim’s Parent does well. When it's first executed on a system, the malware tests the environment for virtual machines, sandboxes, antivirus programs, firewalls, tools used by malware analysts, and even biometrics software.

How vulnerable is the US energy grid to Furtim’s Parent? And which mitigation tactics are most effective? Share your comments with the Cloud and Cyber Security Center.
