In a
blog post
published on Friday,
ESET
researcher Anton Cherepanov provides evidence linking last week’s
(Not)Petya
attacks to the BlackEnergy group;
Kaspersky
researchers also
believe
there is some evidence the two are linked, though they say there are only low confidence indicators.
Going back at least a decade, and likely cybercriminal in origin, the BlackEnergy malware family became infamous for its use in targeted attacks against the Ukraine. In a
VB2014 last-minute paper
(
video
), Anton Cherepanov and his colleague Robert Lipovsky looked at some of the attacks performed by this group – in their presentation, they made the first public mention of what would later become known as the Sandworm vulnerability (CVE-2014-4114), which was patched after they reported it to
Microsoft
.
At VB2016, Anton and Robert once again spoke about BlackEnergy, this time providing an overview of the group’s attacks. Unfortunately, no video of their talk is available, but the paper (‘BlackEnergy – what we really know about the notorious cyber attacks’) can be read in both
HTML
and
PDF
format.
Many researchers will be looking into the recent attacks against the Ukraine, and you will be pleased to know that in the next few weeks, we will open the call for last-minute papers for
VB2017
, to fill eight remaining presentation slots on the
VB2017 programme
.
In the meantime, to guarantee yourself a place at the conference (which takes place 4-6 October in Madrid), don’t forget to
register
!
Leave a Reply