Dyslexicbloke
Member
Hi folks,
over the last couple of weeks I have seen 5 PLC.s with simmilar code modifications that I cant explain.
My site s typically use Schneider TM221CExxT or various Micrologix units.
I have seen 5 instances now of the code changong, OK being changed, on rungs where physical IO is the preceeding or following instruction.
Either coils/bits are repicated and inverted immidiatly before an output or bits/contacts are inserted after an input, or the input bit is entirly removed.
Typically I use IO mapping so physical IO only appears once in any program an the bits/coils asociated with IO are mapped to internal bits.
On the Schneider PLC's, 3 so far, a random bit, %M345 or %M789, was inserted twice, once inverted, in my IO map ladders preventing inputs and or outputs from working.
What I do is neither critical or importent and I douby my sites have been targetted but there is no buzz that suggests this is a wisespread thing either.
Is anyone els having issues?
Strangest thing I ever saw and aparantly not manufacturer speciffic.
BTW... All of thrse PLC's were internet connected and some not adiquatly protected... I guess tow decades of nothing made me complacent... My Bad
Is this just me, surely not?
over the last couple of weeks I have seen 5 PLC.s with simmilar code modifications that I cant explain.
My site s typically use Schneider TM221CExxT or various Micrologix units.
I have seen 5 instances now of the code changong, OK being changed, on rungs where physical IO is the preceeding or following instruction.
Either coils/bits are repicated and inverted immidiatly before an output or bits/contacts are inserted after an input, or the input bit is entirly removed.
Typically I use IO mapping so physical IO only appears once in any program an the bits/coils asociated with IO are mapped to internal bits.
On the Schneider PLC's, 3 so far, a random bit, %M345 or %M789, was inserted twice, once inverted, in my IO map ladders preventing inputs and or outputs from working.
What I do is neither critical or importent and I douby my sites have been targetted but there is no buzz that suggests this is a wisespread thing either.
Is anyone els having issues?
Strangest thing I ever saw and aparantly not manufacturer speciffic.
BTW... All of thrse PLC's were internet connected and some not adiquatly protected... I guess tow decades of nothing made me complacent... My Bad
Is this just me, surely not?