We’ve recently detected a new distribution mechanism for BlackEnergy 3 that is actively in use today and is affecting SCADA systems across Europe. BlackEnergy has been in existence since 2007 and has evolved significantly into a complete rootkit that can perform data exfiltration and network sniffing, among other tasks. In the following write-up, SentinelOne security researchers detail the results of reverse engineering this latest sample, which demonstrates a new delivery tactic utilizing Microsoft Office.