[prev in list] [next in list] [prev in thread] [next in thread] 

List:       isn
Subject:    [ISN] Word up: BlackEnergy SCADA hackers change tactics
From:       InfoSec News <alerts () infosecnews ! org>
Date:       2016-01-29 9:15:04
Message-ID: alpine.DEB.2.02.1601290914540.5294 () infosecnews ! org
[Download RAW message or body]

http://www.theregister.co.uk/2016/01/28/blackenergy_tv_station_attack/

By John Leyden
The Register
28 Jan 2016

A new BlackEnergy spear-phishing campaign is targeting more Ukrainian 
firms, including a television channel.

A spear-phishing document found by Kaspersky Lab analysts mentions the 
far-right Ukrainian nationalist political party "Right Sector" and appears 
to have been used in an attack against a popular television channel in 
Ukraine. Ukrainian TV station "STB" was previously named as a victim of 
the BlackEnergy Wiper attacks in October 2015.

The Russian-speaking BlackEnergy APT group are notoriously blamed for 
malware-based attacks against utilities that led to short power outages in 
the days before Christmas.

The BlackEnergy APT group has been actively using spear-phishing emails 
carrying malicious Excel documents with macros to infect computers in a 
targeted network since the middle of last year. However, in January this 
year, Kaspersky Lab researchers discovered a new malicious document which 
infects the system with a BlackEnergy Trojan. Unlike the Excel documents 
used in previous attacks, this was a Microsoft Word document.

[...]



--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
[prev in list] [next in list] [prev in thread] [next in thread]