Unpacking the Blackjack Group's Fuxnet Malware

Team82 analyzes claims by the Blackjack group that it attacked Moscollector and deployed 'Fuxnet' to disable sensor gateways and disrupt M‑Bus‑connected sensors; the report details destructive malware behaviors (filesystem wipes, NAND and UBI corruption, disabling remote access, and serial-bus fuzzing), correlates leaked JSON/device lists and screenshots to identify impacted gateway models (MPSB, TMSB, IRZ routers), and concludes that while Blackjack claims tens of thousands of sensors were destroyed, available evidence indicates hundreds to a few thousand gateways were compromised and gateways — not necessarily the end sensors — were the primary devices bricked.