Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland

State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.

22 Sep 2014 • , 5 min. read

A large number of state organizations and private businesses from various industry sectors in Ukraine and Poland have been targeted in recent attacks using malware designed for network discovery and remote code execution, and for collecting data from targets’ hard drives. What makes these attacks interesting – aside from the tense current geopolitical situation in the region – is that they were carried out using new versions of BlackEnergy, a malware family with a rich history, and also the various distribution mechanisms used to get the malware onto the victims’ computers.

The findings of our research will be presented this week at the Virus Bulletin conference in Seattle.

BlackEnergy is a trojan that ...