Badomen

BadOmen is a sophisticated malware that was discovered by Dragos to exploit the CVE-2022-34151 vulnerability in order to interact with an HTTP server on targeted Omron NX/NJ controllers. This malicious software, which is part of Pipedream's components, has the potential to wreak havoc by manipulating and causing disruption to physical processes. Its mode of operation entails infecting systems through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. During its research into the BadOmen malware, Dragos uncovered additional vulnerabilities affecting Omron products. These security holes were discovered as part of the analysis of the BadOmen malware. However, Reid Wightman, lead vulnerability analyst at Dragos, clarified to SecurityWeek that these newly found vulnerabilities were not leveraged by the malware and there's no evidence that they have been exploited in the wild. In response to these findings, both the Cybersecurity and Infrastructure Security Agency (CISA) and the vendor have released advisories to inform organizations about these new flaws and the availability of patches. These actions are aimed at mitigating the risks posed by BadOmen and ensuring the security of systems running Omron products. As such, it is crucial for organizations to stay informed and take necessary measures to protect their systems from this potentially disruptive malware.