We’ve recently detected a new distribution mechanism for BlackEnergy 3 that’s actively in use today, affecting SCADA systems across Europe. BlackEnergy has, of course, been in existence since 2007, and has evolved significantly into a complete rootkit that can perform data exfiltration and network sniffing, among other tasks. In the following write-up, SentinelOne security researchers detail the results of reverse engineering this latest sample, which demonstrates a new delivery tactic utilizing Microsoft Office.