
BlackEnergy worm virus hits Ukrainian mining company and railway firm


February 15, 2016

As if we didn't have enough to deal with today, besides the Trojan Banking malware, there's another ugly Trojan that's also in the news this morning.

Security researchers have linked several attacks against Ukrainian power utilities in December of last year, which used the BlackEnergy trojan, to similar attacks against a mining company and a large railway operator in Ukraine.

And it looks like the attacks were well synchronized. The new research, by Kyle Wilhoit of Trend Micro, casts a new light on what’s arguably the most significant malware-based hack attack since Stuxnet hobbled Iranian nuclear centrifuges back in 2010.

Wilhoit and his team identified the new victims after looking for traces of original indicators of compromise associated with BlackEnergy, including reconnaissance and lateral movement tools and KillDisk, a disk-wiping malware payload, among a few others.

The Ukrainian mining firm and a large Ukrainian train operator were identified as victims based on a combination of telemetry data from open-source intelligence and information from Trend Micro’s Smart Protection Network.

The two unnamed organizations were affected by some BlackEnergy and KillDisk infrastructure that was also seen in attacks against energy firms Prykarpattya Oblenergo and Kyivoblenergo.

Trend Micro says that the same group of hackers who hit the mining company and train firm with malware are also behind the Ukrainian power utility attack.

The general consensus is that infections at the power firms resulted in local power outages, although this is disputed by some.

But if confirmed, it would be the first incident of hackers taking down a power grid, a feat regularly accomplished by animals such as squirrels.

Trend Micro explores the possible motivations of the hackers, which range from an attempt to disable Ukraine economically to a test of the power of their malware against real-life targets.

Source: Trend Micro.

Copyright © Internet Security.ca