The Story of the PLC Password Cracking Malware
In early 2022, I was doing a vulnerability assessment targeting Automation Direct's DirectLogic
06
Programmable Logic Controller (PLC)
and C-More EA9
Human-Machine Interface (HMI)
when I stumbled upon an interesting
Youtube video demonstrating
self-proclaimed PLC password "cracking" software where an operator could pay an unknown actor for their software which, when ran on a