GreyEnergy Spy APT Mounts Sophisticated Effort Against Critical Infrastructure

The group is a successor to BlackEnergy and a subset of the TeleBots gang, and its activity is potentially a prelude to a much more destructive attack.

BlackEnergy Successor Hits Energy Companies Since 2015

For the past three years, a stealthy cyberespionage group has been targeting energy companies, primarily from Poland and Ukraine, using a new malware framework dubbed GreyEnergy. GreyEnergy is a modular malware platform which, according to researchers…

GreyEnergy: New malware targeting energy sector with espionage

By Waqas
After BlackEnergy, critical infrastructure around the world is among the key targets of the new malware called GreyEnergy. In its recent research, ESET has revealed details of a new group of cybercriminals dubbed GreyEnergy, which seems to be t…

Meet GreyEnergy, the newest hacking group hitting Ukraine’s power grid

Ever since the seminal cyberattacks on the Ukrainian power grid in 2015 and 2016, researchers have traced the evolution of the broad set of hackers behind the attacks in an effort to warn organizations the hackers might strike next. On Wednesday, analysts from cybersecurity company ESET added to that body of knowledge in revealing a quieter subgroup of those hackers that has targeted energy companies in Ukraine and Poland. ESET has dubbed the group GreyEnergy, a derivative of the original group of hackers, which have been known as BlackEnergy. Whereas BlackEnergy is known for the disruptive 2015 attack on the Ukrainian grid that cut power for roughly 225,000 people, GreyEnergy has to date preferred reconnaissance and espionage, according to ESET. The group has taken screenshots of its possible targets, stolen credentials, and exfiltrated files. “Clearly, they want to fly under the radar,” said Anton Cherepanov, the company’s lead researcher on […]

The post Meet GreyEnergy, the newest hacking group hitting Ukraine’s power grid appeared first on Cyberscoop.

Backdoor Links 2016 Ukrainian Blackout to Sandworm APT and NotPetya

Analysis of a new backdoor program allowed malware researchers to establish clear links between the cyberattacks that led to power outages in Ukraine in 2015 and 2016 and the NotPetya ransomware outbreak. The new backdoor is called Exaramel and is use…

Researchers link tools used in NotPetya and Ukraine grid hacks

New research provides evidence linking some of the most impactful cybersecurity incidents on record – the 2015 and 2016 attacks on the Ukrainian power grid and the 2017 NotPetya malware outbreak – to the same set of hackers that Western governments say are sponsored by the Russian government. Researchers from cybersecurity company ESET say they have laid out the first concrete, public evidence of that link, citing a pattern of “backdoors” — or tools for remote access — used by the hackers. In April, ESET researchers found that the group, which they dub TeleBots, was trying to set up a new backdoor. ESET says this backdoor, known as Win32/Exaramel, is an “improved version” of the “Industroyer” backdoor used in the 2016 attack on the Ukrainian power sector, which knocked out an electrical substation outside of Kiev. The 2015 attack on the Ukrainian grid, using the group’s custom BlackEnergy malware, cut power for […]

The post Researchers link tools used in NotPetya and Ukraine grid hacks appeared first on Cyberscoop.

Nation State Actor Builds Massive Army of Compromised Routers

A hacker group with suspected ties to the Russian government has infected more than 500,000 routers and other devices with highly sophisticated malware, possibly in preparation for future large-scale attacks. According to researchers from Cisco System…

Someone Has Infected At Least 500,000 Routers All Over The World And No One Knows Why

But Ukraine’s government says it thinks that Russia will use “VPNFilter” to attack Saturday’s Champions League final.