An advanced persistent threat (APT) has been linked to cyberattacks on two biomanufacturing companies this year that were carried out with a custom malware loader called “Tardigrade.”
That’s according to an advisory published by the Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) this week, which noted that the malware is actively spreading across the sector with the likely goal of perpetrating intellectual property theft, maintaining persistence for extended periods of time, and infecting the systems with ransomware.
BIO-ISAC, which commenced an investigation following a ransomware attack targeting an unnamed biomanufacturing facility earlier this spring, characterized Tardigrade as a sophisticated piece of malware with “a high degree of autonomy as well as metamorphic capabilities.” The same malware was then used to strike a second entity in October 2021.
The “actively spreading” intrusions have not been attributed to a specific threat actor or a nation, but the agency told The Hill that the efforts mirrored previous attacks by a hacking group linked to Russia.