SentinelOne Discovers a New Delivery Tactic for BlackEnergy 3

By Ehud Shamir -

We’ve recently detected a new distribution mechanism for BlackEnergy 3 that’s actively in use today affecting SCADA systems across Europe. BlackEnergy of course has been in existence since 2007, and has evolved significantly into a complete rootkit that can perform data exfiltration and network sniffing, among other tasks. In the following write up SentinelOne security researchers detail the results of reverse engineering this latest sample that demonstrates a new delivery tactic utilizing Microsoft Office.

You can download the full report here.

What's New

eBook

The Secrets of Evaluating Security Products

Choosing the right security products to suit your business is a serious challenge.
Download eBook

Live Demo

SentinelOne ActiveEDR

Detect Cyber Attacks without any prior knowledge
Watch Now

Live Demo

Endpoint Protection Platform Free Demo

Interested in seeing us in action?
Get Demo