
Researchers uncover new delivery tactics used by BlackEnergy

Discussion in 'CSO' started by RSS, Jan 28, 2016.

  1. RSS


    Researchers at SentinelOne have discovered a new delivery tactic being used to spread BlackEnergy, the malware known for targeting SCADA systems across Europe. The latest variant of the rootkit is targeting Microsoft Office and points to actors with insider access.

    The latest variant of BlackEnergy (BlackEnergy 3) is the same malware used in recent attacks against Ukraine's critical infrastructure.

    SentinelOne reverse engineered the malware and discovered indicators that suggest it is being used by insiders to target industrial control systems.

    Moreover, their analysis – published in a report on Wednesday – suggests that the rootkit is the byproduct of a nation-sponsored campaign, but they didn't name any suspects.

