openPR Logo
Press release

GreyEnergy group targeting critical infrastructure, possibly in preparation for damaging attacks

10-17-2018 01:16 PM CET | IT, New Media & Software

Press release from: Vistar Communications

ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in preparation for future cybersabotage attacks.

BlackEnergy has been terrorizing Ukraine for years and rose to prominence in December 2015 when they caused a blackout that left 230 thousand people without electricity in the first-ever blackout caused by a cyberattack. Around the time of that breakthrough incident, ESET researchers started detecting another malware framework and named it GreyEnergy.

“We have seen GreyEnergy involved in attacks at energy companies and other high-value targets in Ukraine and Poland over the past three years,” says Anton Cherepanov, ESET Senior Security Researcher who led the research.

The 2015 attack on Ukrainian energy infrastructure was the most recent known operation where the BlackEnergy toolset was used. Subsequently, ESET researchers documented a new APT subgroup, TeleBots.

TeleBots are most notable for the global outbreak of NotPetya, the disk-wiping malware that disrupted global business operations in 2017 and caused damages in the sum of billions of US dollars. As ESET researchers recently confirmed, TeleBots are also connected to Industroyer, the most powerful modern malware targeting industrial control systems and the culprit behind the second electrical blackout in Ukraine’s capital, Kiev, in 2016.

“GreyEnergy surfaced along with TeleBots, but unlike its better-known cousin, GreyEnergy’s activities are not limited to Ukraine and so far, haven’t been damaging. Clearly, they want to fly under the radar,” comments Anton Cherepanov.

According to ESET’s thorough analysis, GreyEnergy malware is closely related to both BlackEnergy and TeleBots malware. It is modular in construction, so its functionality is dependent on the particular combination of modules its operator uploads to the victim’s systems.

The modules described in ESET’s analysis were used for espionage and reconnaissance purposes and include: backdoor, file extraction, taking screenshots, keylogging, password and credential stealing, etc.
“We have not observed any modules that specifically target Industrial Control Systems software or devices. We have, however, observed that GreyEnergy operators have been strategically targeting ICS control workstations running SCADA software and servers,” explains Anton Cherepanov.

ESET’s disclosure and analysis of GreyEnergy is important for a successful defense against this particular threat actor as well as for better understanding the tactics, tools and procedures of the most advanced APT groups.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint and mobile security, to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give consumers and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real-time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D centers worldwide, ESET becomes the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit www.eset.com or follow us on LinkedIn, Facebook and Twitter.

3rd Floor
Dubai Internet City
Dubai, UAE

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release GreyEnergy group targeting critical infrastructure, possibly in preparation for damaging attacks here

News-ID: 1309710 • Views: 152

More Releases from Vistar Communications

AOC launches brand new series of Surveillance Monitors
AOC, the display specialist today announced the expansion of product portfolio with the introduction of its brand new E1 series of surveillance monitors targeting the fast growing regional market for video surveillance. According to the analysts 6Wresearch, the Middle East commercial security market will grow by nearly 17 percent annually over the next six years, valuing US$7.4 billion in 2024, compared to an estimated US$2.9 billion in 2018. Video surveillance
ESET launches new security solutions to protect constantly-connected users
The latest version of ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security Premium that offers fortified multilayered protection, enhanced IoT protection, product referral and a new security report feature is released today. Users can rely on the best balance of speed, detection and usability acknowledged by multiple testing bodies to protect their constantly-connected devices. It is predicted that by 2025, there will be over 75 billion connected devices
Paladion Cited among 10 Top Emerging Managed Security Services Providers
Paladion is among the 10 top emerging managed security service providers (MSSPs), according to The Forrester Wave: Emerging Managed Security Services Providers (MSSPs), Q3 2018. To build their list, the firm performed a comprehensive review of emerging MSSPs, and evaluated providers on 24 criteria. The results were published in the Forrester Wave report, which stated that “Paladion’s' strength lies in its actionable data and dashboard. “We are happy that Forrester named
Philips and AOC to showcase their comprehensive range of monitors during GITEX T …
MMD, the brand license partner for Philips displays and AOC monitors today announced that it has partnered with region’s leading distributor, ASBIS to showcase its latest display solutions during the GITEX Technology Week at Fujairah Meeting Room A and B, above Hall 8, Dubai World Trade Center in Dubai, UAE from 14th to 18th October 2018. Philips and AOC monitors together boosts the largest range of product portfolio in the world

All 5 Releases


More Releases for ESET

ESET Security Days arrive in Dubai
ESET, the world leading cybersecurity firm today announced that it will be hosting the ESET Security Days in Dubai. The company will host a diverse gathering of business owners and decision makers hailing from various industry verticals from all across UAE. The Dubai edition of ESET Security Days will be held at Shangri-La Hotel, Sheikh Zayed Road, Dubai, UAE on 25 September 2018 and it will provide a common platform
ESET joins Cybersecurity Tech Accord
It was over thirty years ago that the founders of ESET created the first version of the now globally recognized antimalware product used on over 110 million devices in homes, workplaces and on mobile devices. Their commitment, and that of everyone at ESET, is as strong today as it was back then, which is the reason ESET has partnered with more than thirty other technology companies and joined the Cybersecurity
ESET to Launch ESET Smart Security 7 and Demonstrate ESET Endpoint Security Solu …
DUBAI, United Arab Emirates, October 09, 2013: ESET®, the global leader in proactive digital protection with a record of 10 years consecutive VB100 awards for its award-winning ESET NOD32® technology, has announced that it will unveil ESET Smart Security Version 7, an all-in-one Internet Security solution for home and business customers, at GITEX Technology Week 2013 in Dubai. The company will also highlight ESET Endpoint Security for business users, which
ESET Launches ESET Technology Alliance Program
DUBAI, United Arab Emirates, October 06, 2013: ESET®, the global leader in proactive digital protection with a record of 10 years consecutive VB100 awards for its award-winning ESET NOD32® technology, today launched the ESET Technology Alliance - an integration partnership. The aim of the program is to better protect businesses with a range of complimentary IT security solutions that seamlessly integrate with ESET products. All members of the ESET Technology Alliance
ESET Secures Record 63rd ‘VB100’ Award
Dubai, United Arab Emirates, August 16, 2010 – ESET, the global leader in proactive threat protection, announced that it has captured its 63rd VB100 award from Virus Bulletin, the widely-respected independent comparative testing group, and leads all antivirus vendors with a record-setting 46 straight VB100 awards. The August report of Virus Bulletin focused on the Windows Vista Business Edition SP2 platform; of the 54 products participating, 35 passed and 19
ESET Exhibits At GITEX Saudi Arabia 2010
ADAOX promotes ESET NOD32 Antivirus and ESET Smart Security suite as well as meets with customers and partners at Saudi’s leading technology exhibition. Dubai, United Arab Emirates, April 27, 2010: ADAOX Middle East, the regional business development centre of ESET NOD32 Antivirus, today announced that ESET is participating in GITEX Saudi Arabia, which is being held in Riyadh from April 25-29, 2010 at the Riyadh Exhibition Centre. The company is