We reported that Ukrainian power supply was interrupted with a malware attack attributed to Russian hackers. Eset has found that the malware was an updated version of “BlackEnergy.”

“It’s a milestone because we’ve definitely seen targeted destructive events against energy before—oil firms, for instance—but never the event which causes the blackout,” John Hultquist, head of iSIGHT’s cyber espionage intelligence practice, told Ars. “It’s the major scenario we’ve all been concerned about for so long.”

“BlackEnergy,” a package discovered in 2007 that was updated two years ago to include a host of new functions, including the ability to render infected computers unbootable, has recently been updated again to add a component dubbed KillDisk, which destroys critical parts of a computer hard drive and also appears to have functions that sabotage industrial control systems.

Eset has reported that the Ukrainian power authorities were taken in by booby-trapped macro functions embedded in Microsoft Office documents. It is distressing that millions of people could be compromised by such a simple social engineering trick.

Source: FortifyExperts