A newly discovered piece of malware is raising serious alarms about the security of critical water infrastructure. Called ZionSiphon malware, it was built with one goal: to infiltrate and sabotage water treatment and desalination systems in Israel. Researchers at AI-powered cybersecurity firm Darktrace uncovered the threat and published a detailed analysis of its capabilities, its targets, and the political messaging buried in its code.
While the current version contains a flaw that stops it from firing its payload, experts warn that a single bug fix could make it fully operational. That distinction matters less than it might seem. The malware’s architecture is coherent, its intent is clear, and the infrastructure it targets supplies drinking water to millions of people.
What ZionSiphon Malware Is Designed to Do
ZionSiphon malware is not a general-purpose tool. It was purpose-built to run inside Israeli water treatment and desalination environments. Once deployed, it first checks whether the host system’s IP address falls within specific Israeli network ranges. If the IP matches, it then looks for software, processes, and folder structures tied to water treatment operations. Both conditions must be true before the malware advances.
If a system passes those checks, ZionSiphon attempts to tamper with local configuration files. It appends hardcoded entries that push chlorine dose and pump settings to dangerous levels. The targeted config entries include values like Chlorine_Dose=10, Chlorine_Pump=ON, Chlorine_Flow=MAX, and RO_Pressure=80. At those concentrations, chlorine becomes a public health hazard. Overloaded pressure settings can cause physical pipe bursts and pump failures.
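The appended-entry behaviour described above is easy to catch with a plain integrity check on the configuration files themselves. The following Python script is an added example (it is not code from the article or from Darktrace) that parses key=value config text, flags the four entries the article lists, and also reports duplicate keys, since the malware appends overrides rather than editing the original values. The baseline key set and the safe ranges are illustrative assumptions, not real plant limits.

```python
"""Added example: integrity audit for key=value plant config files.
Not part of the article or the Darktrace analysis; the baseline keys
and safe limits below are assumptions chosen for illustration."""
import re
from typing import Dict, List, Tuple

# Assumed legitimate keys for this file; anything else is unexpected.
BASELINE_KEYS = {"Chlorine_Dose", "RO_Pressure"}
# Assumed operating envelope (hypothetical numbers, not real plant values).
SAFE_LIMITS: Dict[str, Tuple[float, float]] = {
    "Chlorine_Dose": (0.0, 4.0),
    "RO_Pressure": (0.0, 60.0),
}
# Discrete values that should never appear as a hard override.
FORBIDDEN_VALUES = {"Chlorine_Flow": {"MAX"}}

LINE_RE = re.compile(r"^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.+?)\s*$")


def audit_config(text: str) -> List[str]:
    """Return one finding string per problem found in a config file body."""
    findings: List[str] = []
    seen: Dict[str, int] = {}          # key -> first line number
    for lineno, raw in enumerate(text.splitlines(), start=1):
        stripped = raw.strip()
        if not stripped or stripped.startswith(("#", ";")):
            continue                   # blank line or comment
        m = LINE_RE.match(raw)
        if not m:
            findings.append(f"line {lineno}: unparseable entry {raw!r}")
            continue
        key, value = m.group(1), m.group(2)
        if key not in BASELINE_KEYS:
            findings.append(f"line {lineno}: unexpected key {key}={value}")
        if key in seen:
            # Appended duplicates are the tampering pattern described in the article.
            findings.append(f"line {lineno}: duplicate key {key} "
                            f"(first at line {seen[key]}), appended override?")
        else:
            seen[key] = lineno
        if key in SAFE_LIMITS:
            lo, hi = SAFE_LIMITS[key]
            try:
                num = float(value)
            except ValueError:
                findings.append(f"line {lineno}: {key} is non-numeric: {value!r}")
                continue
            if not lo <= num <= hi:
                findings.append(f"line {lineno}: {key}={value} outside safe range {lo}-{hi}")
        if value.upper() in FORBIDDEN_VALUES.get(key, set()):
            findings.append(f"line {lineno}: {key}={value} is a forbidden hard override")
    return findings


# Constructed sample: a benign file followed by the four entries the article lists.
SAMPLE_TAMPERED = """# plant.cfg (constructed sample)
Chlorine_Dose=1.5
RO_Pressure=55
Chlorine_Dose=10
Chlorine_Pump=ON
Chlorine_Flow=MAX
RO_Pressure=80
"""

if __name__ == "__main__":
    for finding in audit_config(SAMPLE_TAMPERED):
        print(finding)
```

Run against the constructed sample, the audit reports seven findings: the two out-of-range values, the two duplicate keys they create, the two keys that do not belong in the file, and the MAX override. In practice the same check would be scheduled against a known-good copy of each file, so that a diff and this audit together show both what changed and why it matters.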
Beyond file tampering, the malware scans the local network for industrial control system devices. It probes three industrial communication protocols: Modbus on port 502, DNP3 on port 20000, and S7comm on port 102. These protocols are standard in water plants, power facilities, and other critical infrastructure environments. For Modbus-connected devices, ZionSiphon sends read commands to identify registers controlling chlorine dose, then follows up with write commands to force dangerous values.
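The read-then-write sequence against Modbus, together with probes of all three ICS ports, is a detectable pattern on the OT network. The following Python detector is an added example (not from the article or from Darktrace) that parses the Modbus/TCP MBAP header and function code from constructed packet records, flags write function codes from any host outside an assumed engineering-workstation allowlist, and flags any host that touches more than one of the three ICS ports. The IP addresses, the allowlist and the register numbers are constructed for the example.

```python
"""Added example: detector for ICS port sweeps and unauthorized Modbus writes.
Not from the article or Darktrace; the hosts, allowlist and register
addresses are constructed sample values."""
import struct
from collections import defaultdict
from typing import Dict, List, NamedTuple, Optional, Set

ICS_PORTS = {502: "Modbus/TCP", 20000: "DNP3", 102: "S7comm"}
# Modbus function codes that change coil or register state.
MODBUS_WRITE_FCS = {5: "Write Single Coil", 6: "Write Single Register",
                    15: "Write Multiple Coils", 16: "Write Multiple Registers"}
# Assumption: only these hosts may issue Modbus writes on this network.
ENGINEERING_ALLOWLIST = {"10.10.5.20"}


class Packet(NamedTuple):
    src: str
    dst: str
    dport: int
    payload: bytes


class ModbusReq(NamedTuple):
    unit: int
    fc: int
    address: Optional[int]      # starting address, when the PDU carries one


def parse_modbus(payload: bytes) -> Optional[ModbusReq]:
    """Parse MBAP header + function code; None if not a sane Modbus/TCP ADU."""
    if len(payload) < 8:
        return None
    _tid, pid, length, unit, fc = struct.unpack(">HHHBB", payload[:8])
    # Protocol id must be 0; length counts the unit id plus the PDU.
    if pid != 0 or length != len(payload) - 6:
        return None
    address = None
    if fc in (3, 4, 5, 6, 15, 16) and len(payload) >= 10:
        address = struct.unpack(">H", payload[8:10])[0]
    return ModbusReq(unit, fc, address)


def detect(packets: List[Packet]) -> List[str]:
    """Return alert strings for unauthorized Modbus writes and ICS port sweeps."""
    alerts: List[str] = []
    ports_by_src: Dict[str, Set[int]] = defaultdict(set)
    for p in packets:
        if p.dport not in ICS_PORTS:
            continue
        ports_by_src[p.src].add(p.dport)
        if p.dport == 502:
            req = parse_modbus(p.payload)
            if req and req.fc in MODBUS_WRITE_FCS and p.src not in ENGINEERING_ALLOWLIST:
                alerts.append(f"{p.src} -> {p.dst}: unauthorized {MODBUS_WRITE_FCS[req.fc]} "
                              f"(unit {req.unit}, address {req.address})")
    for src, ports in ports_by_src.items():
        if len(ports) >= 2:
            names = ", ".join(ICS_PORTS[x] for x in sorted(ports))
            alerts.append(f"{src}: ICS protocol sweep across {names}")
    return alerts


def mb(tid: int, unit: int, pdu: bytes) -> bytes:
    """Build a Modbus/TCP ADU from a PDU (helper for the constructed sample)."""
    return struct.pack(">HHHB", tid, 0, len(pdu) + 1, unit) + pdu


# Constructed traffic: one host reads holding register 40, writes it, and probes
# the other two ICS ports; the engineering station performs a permitted write.
SAMPLE = [
    Packet("10.10.5.77", "10.10.9.3", 502, mb(1, 1, bytes([3, 0, 40, 0, 1]))),   # FC3 read addr 40
    Packet("10.10.5.77", "10.10.9.3", 502, mb(2, 1, bytes([6, 0, 40, 0, 10]))),  # FC6 write addr 40 := 10
    Packet("10.10.5.77", "10.10.9.4", 20000, b"\x05\x64"),                      # DNP3 start bytes only
    Packet("10.10.5.77", "10.10.9.5", 102, b"\x03\x00\x00\x16"),                 # TPKT header only
    Packet("10.10.5.20", "10.10.9.3", 502, mb(3, 1, bytes([6, 0, 41, 0, 2]))),   # permitted write
]

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

On the constructed traffic the detector raises two alerts: the write to register 40 from the non-allowlisted host, and the sweep across all three ICS protocols from the same host. The engineering station's write and the read request produce nothing, which is the point: on a water plant network the set of hosts that legitimately write to a PLC is small and stable, so a write from anywhere else is worth an alert on its own.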
How It Spreads and Stays Hidden
ZionSiphon malware uses a USB propagation mechanism, which makes it especially dangerous in critical infrastructure environments. Many systems that control water treatment operations are air-gapped, meaning they have no direct internet connection. USB drives are often the only way data moves in and out.
The malware copies itself to any removable drive it finds, disguised as a hidden svchost.exe file. It then replaces visible files on the drive with shortcut files that look like ordinary documents. When a worker clicks one of those shortcuts, the malware executes silently in the background.
Before all of this, ZionSiphon checks for administrator rights. If it lacks them, it relaunches itself via PowerShell with elevated privileges. It then establishes persistence by copying itself to a hidden path and adding a registry autorun key, blending in with normal Windows system processes.
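Both the USB behaviour and the persistence mechanism described in the two paragraphs above leave artefacts a defender can audit without any detection product. The following Python script is an added example (not from the article or from Darktrace) with two checks run over constructed inputs rather than a live registry or mounted drive: one audits Run-key entries for an svchost.exe launched from outside the Windows system directories or a PowerShell command carrying quiet-relaunch switches, the other audits the root of a removable drive for a hidden svchost.exe and for visible .lnk shortcuts that shadow a hidden original. The file names, paths and the shortcut naming pattern are assumptions made for the example.

```python
"""Added example: audits for autorun persistence and USB shortcut artefacts.
Not from the article or Darktrace; the Run-key entries and drive listing
below are constructed, and the naming pattern is an assumption."""
import ntpath
from typing import List, NamedTuple, Tuple

# Directories in which a genuine svchost.exe lives (lower-cased for comparison).
LEGIT_SVCHOST_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}
# PowerShell switches commonly used to relaunch quietly or bypass policy.
POWERSHELL_RED_FLAGS = ("-windowstyle hidden", "-executionpolicy bypass", "-encodedcommand")


def _exe_from_command(cmd: str) -> str:
    """Return the executable path at the start of a Run-key command, unquoted."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.find('"', 1)]
    return cmd.split(" ", 1)[0]


def audit_run_keys(entries: List[Tuple[str, str]]) -> List[str]:
    """entries: (value name, command) pairs exported from a ...\\Run key."""
    findings: List[str] = []
    for name, cmd in entries:
        exe = _exe_from_command(cmd)
        base = ntpath.basename(exe).lower()
        folder = ntpath.dirname(exe).lower()
        if base == "svchost.exe" and folder not in LEGIT_SVCHOST_DIRS:
            findings.append(f"{name}: svchost.exe launched from non-system path {exe}")
        if base.startswith("powershell") and any(f in cmd.lower() for f in POWERSHELL_RED_FLAGS):
            findings.append(f"{name}: PowerShell autorun with quiet-relaunch switches: {cmd}")
    return findings


class Entry(NamedTuple):
    name: str
    hidden: bool


def audit_removable_root(listing: List[Entry]) -> List[str]:
    """listing: files in a removable drive's root with their hidden attribute."""
    findings: List[str] = []
    hidden_names = {e.name.lower() for e in listing if e.hidden}
    for e in listing:
        lname = e.name.lower()
        if e.hidden and lname == "svchost.exe":
            findings.append("hidden svchost.exe in removable drive root")
        if not e.hidden and lname.endswith(".lnk"):
            # Assumed pattern: "report.docx.lnk" stands in for a hidden "report.docx".
            original = ntpath.splitext(e.name)[0].lower()
            if original in hidden_names:
                findings.append(f"shortcut {e.name} shadows hidden original {original}")
    return findings


# Constructed Run-key export: one normal entry and two suspicious ones.
RUN_KEYS = [
    ("OneDrive", r'"C:\Users\op\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background'),
    ("WindowsUpdate", r"C:\Users\op\AppData\Roaming\.sys\svchost.exe"),
    ("Updater", r"powershell.exe -WindowStyle Hidden -ExecutionPolicy Bypass -File C:\Users\op\u.ps1"),
]
# Constructed drive root: hidden copy, hidden original, decoy shortcut, untouched file.
DRIVE_ROOT = [
    Entry("svchost.exe", hidden=True),
    Entry("report.docx", hidden=True),
    Entry("report.docx.lnk", hidden=False),
    Entry("photo.jpg", hidden=False),
]

if __name__ == "__main__":
    for f in audit_run_keys(RUN_KEYS) + audit_removable_root(DRIVE_ROOT):
        print(f)
```

Each audit returns two findings on the constructed data. The Run-key check is deliberately narrow: an svchost.exe anywhere other than the system directories has no legitimate reason to exist, and a Run entry that starts PowerShell hidden with policy bypassed is the relaunch pattern the article describes. The drive check is the one to put in a USB-scanning kiosk at the plant gate, where removable media is inspected before it reaches an air-gapped engineering workstation.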
Targets Named in the Code
The malware’s targeting is specific enough to name real facilities. Darktrace found hardcoded strings referencing Mekorot, Israel’s national water company, along with four of the country’s five major seawater desalination plants: Sorek, Hadera, Ashdod, and Palmachim. Shafdan, Israel’s central wastewater treatment and reclamation facility, also appears in the target list.
These facilities collectively supply tens of millions of cubic meters of drinking water each year. Their inclusion in ZionSiphon’s code confirms this is not opportunistic targeting. Someone mapped Israel’s water infrastructure and built the malware around it.
Political messaging in the code reinforces that point. Darktrace found Base64-encoded strings referencing support for Iran, Palestine, and Yemen, and a separate message about poisoning the population of Tel Aviv and Haifa. The self-identified author signs off as “0xICS,” suggesting a threat actor with knowledge of industrial control systems.
Why a Bug Is the Only Thing Stopping It
The current version of ZionSiphon malware cannot activate its payload. The country-validation logic contains a broken XOR-based encryption function. The malware encodes IP ranges and compares them against the output of an EncryptDecrypt function, but the function produces a different result than expected. Because the comparison always fails, the payload never fires. Instead, a SelfDestruct() routine removes persistence, logs the mismatch, and deletes the executable.
The DNP3 and S7comm modules are also unfinished. They contain only basic protocol-shaped byte sequences without the complete frames needed to send valid commands.
So the current build cannot complete an attack. But Darktrace is clear that the sabotage logic is already there. Fixing the encryption bug and completing the stub modules would be enough to make ZionSiphon operational.
A Broader Shift in Critical Infrastructure Threats
ZionSiphon malware fits into a pattern that security researchers have been tracking with growing concern. Attacks on water infrastructure are not new. But malware built specifically to manipulate physical processes (chlorine levels, hydraulic pressure, desalination operations) has historically required the kind of resources available only to nation-state actors.
ZionSiphon suggests that gap is closing. The malware combines standard IT intrusion techniques with OT-specific sabotage logic. That combination shows a threat actor moving beyond disruption toward physical harm. Israel’s water sector faces persistent targeting from groups with ties to Iran, but this tool marks a different level of technical ambition.
Darktrace notes that OT environments are particularly exposed because IT and OT monitoring are often siloed. Anomalies on an industrial network can go undetected for much longer than they would on a standard corporate network.
Final Thoughts
ZionSiphon malware is not yet a functional weapon, but it is close. Its architecture is deliberate, its targets are specific, and its intent is to cause real harm to civilian infrastructure. The bug that currently disables it is minor. Any competent developer could fix it.
For operators of water treatment facilities, utilities, and other critical infrastructure, this is a signal worth taking seriously. Monitoring for unusual activity in OT environments, watching for unexpected USB connections, and ensuring that IT and industrial networks are not completely blind to each other are not optional hardening steps. They are the baseline. ZionSiphon shows exactly what happens when that baseline slips.