Tag: BlackEnergy

Critical infrastructure: Under cyberattack for longer than you might think

April 21, 2022

Lessons from history and recent attacks on critical infrastructure throw into sharp relief the need to better safeguard our essential systems and services. Just days ago, Ukraine’s power grid came under attack as the Sandworm group attempted to deploy a piece of malware called Industroyer2 against the operations of an energy supplier in the country. Industroyer2, uncovered during … More Critical infrastructure: Under cyberattack for longer than you might think

Attacks targeting IT firms stir concern, controversy

February 18, 2021

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool. France’s national cybersecurity agency ANSSI has disclosed details about an intrusion campaign targeting IT services firms that run the Centreon IT resource monitoring tool. The attacks are thought to have stayed under … More Attacks targeting IT firms stir concern, controversy

2018: Research highlights from ESET’s leading lights

January 2, 2019

As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you … More 2018: Research highlights from ESET’s leading lights

GreyEnergy: Updated arsenal of one of the most dangerous threat actors

October 18, 2018

ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. Recent ESET research has uncovered details of the successor of the BlackEnergy APT group, whose main toolset was last seen in December 2015 during the first-ever blackout caused by a cyberattack. Around the time … More GreyEnergy: Updated arsenal of one of the most dangerous threat actors

New TeleBots backdoor: First evidence linking Industroyer to NotPetya

October 12, 2018

ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven. Among the most significant malware-induced cybersecurity incidents in recent years were the attacks against the Ukrainian power grid – which … More New TeleBots backdoor: First evidence linking Industroyer to NotPetya