Information Security News mailing list archives
Word up: BlackEnergy SCADA hackers change tactics
From: InfoSec News <alerts () infosecnews org>
Date: Fri, 29 Jan 2016 09:15:04 +0000 (UTC)
http://www.theregister.co.uk/2016/01/28/blackenergy_tv_station_attack/ By John Leyden The Register 28 Jan 2016A new BlackEnergy spear-phishing campaign is targeting more Ukrainian firms, including a television channel.
A spear-phishing document found by Kaspersky Lab analysts mentions the far-right Ukrainian nationalist political party "Right Sector" and appears to have been used in an attack against a popular television channel in Ukraine. Ukrainian TV station "STB" was previously named as a victim of the BlackEnergy Wiper attacks in October 2015.
The Russian-speaking BlackEnergy APT group are notoriously blamed for malware-based attacks against utilities that led to short power outages in the days before Christmas.
The BlackEnergy APT group has been actively using spear-phishing emails carrying malicious Excel documents with macros to infect computers in a targeted network since the middle of last year. However, in January this year, Kaspersky Lab researchers discovered a new malicious document which infects the system with a BlackEnergy Trojan. Unlike the Excel documents used in previous attacks, this was a Microsoft Word document.
[...] -- Evident.io - Continuous Cloud Security for AWS. Identify and mitigate risks in 5 minutes or less. Sign up for a free trial @ https://evident.io/
Current thread:
- Word up: BlackEnergy SCADA hackers change tactics InfoSec News (Jan 29)