Industroyer[1] (also referred to as Crashoverride) is a malware framework considered to have been used in the cyberattack on Ukraine’s power grid on 17 December 2016.
[2][3][4] The attack cut a fifth of Kyiv, the capital, off power for one hour and is considered to have been a large-scale test.
[8] At the same time, it is the fourth malware publicly revealed to target industrial control systems, after Stuxnet, Havex, and BlackEnergy.
[8] In 2022, the Russian hacker group Sandworm initiated a blackout in Ukraine using a variant of Industroyer aptly dubbed Industroyer2.
[11] The detailed analysis of Industroyer[12] revealed that the malware was designed to disrupt the working processes of industrial control systems, specifically those used in electrical substations.