Hatman is a malware that is just as scary is as the creepy pasta the name is lifted from. This malware affects the ICS saftey systems in a various of chemical/electrical/oil plants around the world and can be used to create accidents. Currently it's being seen in the middle east targeting electric and oil production systems but no body know who's behind it and it could be creeping into other systems using the affect microprocessors new or aftermarket.
ftqotuxpdqzarvmoanbdaogdquotadmeimdoayqeitqdqftqegzeqfeazbqdeum
ebqmwuzsftqudfazsgqftqkxaawfaftqrgfgdq
the children of jacob procure ichor as war comes where the sun sets on persia
speaking their tongue they look to the future
https://ics-cert.us-cert.gov/sites/default/files/documents/MAR-17-352-01%20HatMan%20-%20Safety%20System%20Targeted%20Malware%20%28Update%20A%29_S508C.PDF
https://ics-cert.us-cert.gov/sites/default/files/file_attach/MAR-17-352-01.yara
https://www.schneider-electric.com/en/work/products/industrial-automation-control/triconex-safety-systems/
https://ics-cert.us-cert.gov/sites/default/files/documents/MAR-17-352-01%20HatMan—Safety%20System%20Targeted%20Malware_S508C.pdf
http://www.ultra-3eti.com/trisis/
https://github.com/ICSrepo/TRISIS-TRITON-HATMAN
https://www.wired.com/story/triton-malware-targets-industrial-safety-systems-in-the-middle-east/
https://www.securityweek.com/dhs-warns-malware-targeting-industrial-safety-systems
https://en.wikipedia.org/wiki/FireEye
https://ics-cert.us-cert.gov/advisories/ICSA-18-107-02
http://www.real-time-answers.com/documents/Slides_2014-Triconex-Technical-Conference-Webinar.pdf
http://tech-wreckblog.blogspot.com/2018/04/malware-watch-we-42018.html
https://chemical-facility-security-news.blogspot.com
Hatman Lore
https://www.ranker.com/list/phantom-hat-man-facts/erin-mccann