SentinelOne Discovers a New Delivery Tactic for BlackEnergy 3 | SentinelOne.com
Experiencing a Breach?
en
en
Get a Demo
Back
Get a Demo
Experiencing a Breach?

SentinelOne Discovers a New Delivery Tactic for BlackEnergy 3

by Ehud Shamir

We’ve recently detected a new distribution mechanism for BlackEnergy 3 that’s actively in use today affecting SCADA systems across Europe. BlackEnergy of course has been in existence since 2007, and has evolved significantly into a complete rootkit that can perform data exfiltration and network sniffing, among other tasks. In the following write up SentinelOne security researchers detail the results of reverse engineering this latest sample that demonstrates a new delivery tactic utilizing Microsoft Office.

You can download the full report here.

Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

Read More

Get a demo

Defeat every attack, at every stage of the threat lifecycle with SentinelOne

Book a demo and see the world’s most advanced cybersecurity platform in action.

Get Demo

SentinelLabs

SentinelLabs: Threat Intel & Malware Analysis

We are hunters, reversers, exploit developers, & tinkerers shedding light on the vast world of malware, exploits, APTs, & cybercrime across all platforms.

VISIT SITE

Wizard Spider and Sandworm

MITRE Engenuity ATT&CK Evaluation Results

SentinelOne leads in the latest Evaluation with 100% prevention. Leading analytic coverage. Leading visibility. Zero detection delays.

SEE RESULTS