Russia-Freezes Lviv: Cyberattack Cuts Heating for 600+ Apartments in Sub-Zero Temps
Russian-linked FrostyGoop malware froze Lviv, Ukraine, by cutting off heating for over 600 apartments in January 2024. This industrial control system-targeting malware disrupted the energy provider, causing a two-day cold spell amidst sub-zero temperatures.

Hot Take:
Looks like the cyber world just gave “Netflix and chill” a whole new meaning! FrostyGoop, the malware with a name that sounds like a bad frozen yogurt flavor, decided to turn up (or should I say, down) the cold in Lviv, Ukraine. Who knew hackers had a thing for sub-zero temperatures and industrial sabotage?
Key Points:
- Russian-linked malware, FrostyGoop, was used in a January 2024 cyberattack in Lviv, Ukraine.
- The attack targeted the heating of over 600 apartment buildings during sub-zero temperatures.
- FrostyGoop exploits Modbus TCP communications to target industrial control systems (ICS).
- Hackers had access to the victim’s network almost a year prior to the attack.
- Dragos advises implementing SANS 5 Critical Controls for OT Cybersecurity to mitigate such risks.
Already a member? Log in here