Wednesday, February 3, 2016

BlackEnergy and KillDisk Attacks


As you might have heard in the news, Ukraine lost power during December 24th and 25th in 2015. The outage was caused by malware called BlackEnergy. BlackEnergy was not developed overnight; it started appearing in 2014, when it was spotted in some government systems.

BlackEnergy's attack method was simple: the attackers would send an email from an address that looked like it came from the Ukrainian parliament, and that email would carry an attachment. The attachment is similar to a Microsoft Excel document and tells you to run a macro. When you run this macro, you are infected with the BlackEnergy malware. The malware's intention is to corrupt some files so that the system becomes unbootable. An attacker can also combine BlackEnergy with another malware called a wiper, which erases any trails that might be left by the attack.
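The delivery step described above depends on a macro-bearing Office attachment reaching the user. As an added example (not from the original post or the linked article), this is a mail-gateway style triage check that flags VBA macros by file content rather than extension, covering both the legacy OLE and the zip-based OOXML containers. The function names, the hold-for-review policy and the sample bytes are assumptions constructed for illustration, and the legacy check is a byte-marker heuristic, not a full OLE parser.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")    # legacy .xls/.doc container
VBA_MARKER = "_VBA_PROJECT".encode("utf-16-le")  # OLE entry names are UTF-16LE
MACRO_VERDICTS = {"ole-macro", "ooxml-macro"}

def classify_attachment(data: bytes) -> str:
    """Classify by content, so a renamed extension does not hide a macro."""
    if data.startswith(OLE_MAGIC):
        # Heuristic: the VBA storage/stream name appears in the directory.
        return "ole-macro" if VBA_MARKER in data else "office-no-vba"
    if data.startswith(b"PK"):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                names = [n.lower() for n in zf.namelist()]
        except zipfile.BadZipFile:
            return "not-office"
        if "[content_types].xml" not in names:
            return "not-office"           # ordinary zip, not OOXML
        if any(n.endswith("vbaproject.bin") for n in names):
            return "ooxml-macro"          # VBA project part is present
        return "office-no-vba"
    return "not-office"

def should_quarantine(data: bytes) -> bool:
    """Policy assumed here: hold any macro-bearing Office file for review."""
    return classify_attachment(data) in MACRO_VERDICTS

def make_sample_ooxml(with_macro: bool) -> bytes:
    """Build a constructed, minimal OOXML-like zip in memory (sample input)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("xl/workbook.xml", "<workbook/>")
        if with_macro:
            zf.writestr("xl/vbaProject.bin", b"\x00")
    return buf.getvalue()

if __name__ == "__main__":
    samples = {  # all constructed; none is a real document
        "invoice.xlsx (macro inside)": make_sample_ooxml(True),
        "report.xlsx": make_sample_ooxml(False),
        "legacy.xls (marker bytes only)": OLE_MAGIC + b"\x00" * 512 + VBA_MARKER,
        "notes.txt": b"plain text",
    }
    for name, blob in samples.items():
        print(f"{name:32} {classify_attachment(blob):14} hold={should_quarantine(blob)}")
```

A file named `.xlsx` that still contains `vbaProject.bin` is flagged, which is the case an extension-based filter misses.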

It was a good thing that we were able to see this attack and some of the damage it can cause. We need to use this attack as an example when building a strategy or intelligence to prevent loss of power in any country.

read more: http://www.welivesecurity.com/2016/01/04/blackenergy-trojan-strikes-again-attacks-ukrainian-electric-power-industry/

2 comments:

  1. That was informative.
    Thanks Abrar.

  2. Not only power sector, the targets can be other industrial control systems.