Software: BlackEnergy 3

From attackics
Jump to navigation Jump to search
BlackEnergy 3
Software
ID S0004
Aliases BlackEnergy 3
Type Malware

BlackEnergy 3 is a malware toolkit that has been used by both criminal and APT actors. It support various plug-ins including a variant of KillDisk. It is known to have been used against the Ukrainian power grid.1

Associated Software Descriptions

  • BlackEnergy 3 - 1

Techniques Used

  • Valid Accounts - BlackEnergy utilizes valid user and administrator credentials, in addition to creating new administrator accounts to maintain presence.1
  • Spearphishing Attachment - BlackEnergy targeted energy sector organizations in a wide reaching email spearphishing campaign. Adversaries utilized malicious Microsoft Word documents attachments.1