Cyber Resilience

Campaign · all campaigns

FrostyGoop IncidentC0041 unknown

aka FrostyGoop Incident

Last updated: 2026-07-03

0attributed CVEs
7ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[FrostyGoop Incident](https://attack.mitre.org/campaigns/C0041) took place in January 2024 against a municipal district heating company in Ukraine. Following initial access via likely exploitation of external facing services, [FrostyGoop](https://attack.mitre.org/software/S1165) was used to manipulate ENCO control systems via legitimate Modbus commands to impact the delivery of heating services to Ukrainian civilians.(Citation: Dragos FROSTYGOOP 2024)(Citation: Nozomi BUSTLEBERM 2024)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
CM-67 / 7100%
SI-47 / 7100%
CM-26 / 786%
AC-25 / 771%
AC-35 / 771%
AC-55 / 771%
AC-65 / 771%
CM-75 / 771%
CA-74 / 757%
CM-54 / 757%
IA-24 / 757%
RA-54 / 757%
SI-34 / 757%
SI-74 / 757%
AC-43 / 743%

Co-occurring actors

None.

Similar actors