BlackEnergy Malware’s Latest Version Strikes in Poland and Ukraine

ESET the security company has found one fresh edition of the notorious malicious program BlackEnergy which it has named BlackEnergy Lite earlier employed in attacking Georgia the nation that got in conflict with Russia in 2008. The current edition of BlackEnergy was recently observed targeting over a hundred industry and government entities situated within Ukraine and Poland, says ESET. Scmagazineuk.com reported this dated September 23, 2014.

In the meantime, F-Secure another security company based in Finland has spotted one more new BlackEnergy assault against an entity inside Brussels, Belgium.

In one particular blog post, Robert Lipovsky, Malware Researcher at ESET states that the BlackEnergy in a botnet form has currently changed its activities from spam distribution, distributed-denial-of service assaults as well as bank fraud onto personalized assaults against private companies and state agencies. Scmagazineuk.com reported this dated September 23, 2014.

Evidently, the BlackEnergy assaults have been carried out all through 2014 while even now continuing in September 2014.

Lipovsky states that the attacks have victimized 100 different targets, about half of which belong to Poland and Ukraine each, while comprising several state agencies, different enterprises along with some unidentified targets. Infosecurity-magazine.com reported this dated September 24, 2014.

Lipovsky further states that the proliferating assaults, which ESET has witnessed, have possibly employed contamination techniques via software vulnerability exploitations, socially-engineered spear-phishing electronic mails as well as decoy documents, alternatively some combination of all.

F-Secure noted within a whitepaper that during 2014 summer, the company found strains of BlackEnergy striking state agencies aimed with seizing information. F-Secure dubbed those strains BlackEnergy 3 as well as recognized them as linked with certain group the firm called "Quedagh" derived from certain Indian ship's name that William Kidd a Scottish privateer hijacked during 17th century end. F-Secure believes that Quedagh has remained active starting 2010.

Significantly meanwhile, suspicion abounds over the government of Russia's association with cyber-assaults against foreign targets, particularly ones having a connection with the ongoing skirmishes inside Ukraine. In March, BAE Systems the defense contractor of UK indicated that Ukraine encountered several cyber-assaults from undercover agents while anxiety grew among the two nations.

» SPAMfighter News - 10/7/2014