Unicorn (Malware)

From The League Wiki
Unicorn
Malware
Industry: Software
Parent: INK Group

Unicorn is a highly sophisticated malware that was developed by the INK Group in 2018. It is designed to exploit a previously unknown zero-day vulnerability in the Windows operating system, which allows it to gain remote access to servers and deploy code and commands without the user's knowledge. The primary goal of Hyppogriff is to target a nation's power infrastructure. It achieves this by providing false readouts to the end-user while initiating a stealth force shutdown of the power grid and an overload of any connected device.

Overview

The INK Group designed Unicorn to be a stealthy and covert malware that is difficult to detect and trace. It is designed to operate silently in the background, avoiding detection by most security software and system administrators. The malware's use of a zero-day exploit makes it even more difficult to detect and defend against.

Once Unicorn gains access to a system, it can execute various commands and code to achieve its objectives. It can modify system settings, install additional malware, provide live displays of the system, and execute various other malicious actions. The malware can also spread to other systems on the network, allowing it to infect an entire organization's infrastructure.

The malware's ability to provide false readouts to end-users can lead to confusion and misinformation, making it challenging to identify and respond to an attack. Additionally, the malware's ability to initiate an unstoppable force shutdown can have catastrophic consequences, causing power outages and potentially endangering lives.

Use Case

Unicorn has a very specific use case: hijacking a nation's power infrastructure and disrupting it, causing severe havoc and chaos. Its main potential use would be deployment hours before an invasion or assault on the desired nation, to cause chaos and disrupt resources.

Deployment

Unicorn can be deployed in a number of ways: physical installation, packet disruption, Trojan injection, etc. The most common way to install the malware is by injecting the code after gaining access to a network using the Leviathan software and malware.