Hackers target biomanufacturing facilities using the Tardigrade malware

(Image credit: Pixabay)
Audio player loading…

Biomanufacturing facilities in the US are being actively targeted by an unknown hacking group leveraging a new malware (opens in new tab) strain.

In a new threat advisory (opens in new tab), the Bioeconomy Information Sharing and Analysis Center (BIO-ISAC) revealed that the first attack believed to be launched using this new malware dubbed “Tardigrade” occurred in the spring of this year. At that time, Tardigrade was used in a cyberattack on a large biomanufacturing facility though a second facility was hit using the same malware just last month.

According to BIO-ISAC, both biomanufacturing sites and their partners are “encouraged to assume that they are targets” and should take the necessary steps to review their security and response postures.

Tardigrade malware

As reported (opens in new tab) by SiliconANGLE, Tardigrade is primarily used for espionage though the malware also causes other issues on the systems it infects including network outages.

In a separate report (opens in new tab), Wired noted that these recent attacks may be linked to Covid-19 research (opens in new tab) as the pandemic has shown just how important biomanufacturing research is when developing vaccines and other medicines.

The origins of the code used in Tardigrade is also up for debate as BIO-ISAC believes the malware is based on Smoke Loader (opens in new tab) though security researchers that spoke with Bleeping Computer claim that it is a form of the Cobalt Strike HTTP beacon as opposed to an entirely new malware strain.

Due to Tardigrade's advanced characteristics, the malware could have been developed by an advanced threat detection group or even by a nation-state intelligence service. 

Regardless of its origin, Tardigrade is quite dangerous and we'll likely find out more regarding this new malware as security researchers and even government agencies delve deeper into its code in an attempt to discover its true origins.

We've also featured the best endpoint protection software (opens in new tab) and best firewall (opens in new tab)

Via SiliconANGLE (opens in new tab)

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.