Alias Description | Votes |
---|---|
Sandworm is a possible alias for BlackEnergy. Sandworm, a threat actor believed to be linked to Russia, has been identified as one of the most active groups supporting Russian military activities in Ukraine. Notorious for its sophisticated cyber-attacks, Sandworm has compromised 11 Ukrainian telecommunications providers, significantly disruptin | 5 |
Industroyer is a possible alias for BlackEnergy. Industroyer, also known as CrashOverride, is a potent malware specifically designed to target Industrial Control Systems (ICS) used in electrical substations. It first gained notoriety for its role in the 2016 cyberattack on Ukraine's power grid, which resulted in a six-hour blackout in Kyiv. The ma | 4 |
GreyEnergy is a possible alias for BlackEnergy. GreyEnergy is a type of malware, or malicious software, designed to exploit and damage computer systems. It is believed to have been used in attacks on Ukraine's power grid in 2018 by the Russia-linked Advanced Persistent Threat (APT) group, Sandworm. Security firm WithSecure has identified overlaps | 4 |
TeleBots is a possible alias for BlackEnergy. TeleBots, a notorious threat actor group also known as Sandworm, BlackEnergy, Iron Viking, Voodoo Bear, and Seashell Blizzard, has been identified as operating under the control of Unit 74455 of the Russian GRU's Main Center for Special Technologies (GTsST). Active since 2000, the group is recognize | 3 |
Sandworm Team is a possible alias for BlackEnergy. The Sandworm Team, a threat actor associated with Russia's military intelligence-linked group, has demonstrated significant capabilities in developing custom malware to target Operational Technology (OT) and Industrial Control Systems (ICSs). Since at least 2015, the team has used the "BlackEnergy" | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The NotPetya Malware is associated with BlackEnergy. NotPetya is a notorious malware that surfaced in 2017, causing significant global damage while primarily targeting Ukraine's infrastructure. Disguised as ransomware, it was different from other similar malicious programs like WannaCry, TeslaCrypt, and DarkSide because it was data destructive, posing | is related to | 4 |
The Kapeka Malware is associated with BlackEnergy. Kapeka is a previously unknown malware that operates as a backdoor into systems, linked to the Russian Sandworm Advanced Persistent Threat (APT) group. The malicious software can infiltrate a system through suspicious downloads, emails, or websites, often without the user's knowledge. Once inside, i | is related to | 4 |
The Stuxnet Malware is associated with BlackEnergy. Stuxnet, discovered in 2010, is one of the most infamous examples of advanced persistent threat (APT) attacks. Co-developed by the United States and Israel, Stuxnet was a military-grade cyberweapon that specifically targeted Iran’s nuclear enrichment facility at Natanz, marking a significant milesto | Unspecified | 2 |
The Gozi Malware is associated with BlackEnergy. Gozi is a notorious malware that has been linked to numerous cyber attacks. It's typically delivered through sophisticated malvertising techniques, often used in conjunction with other initial access malware such as Pikabot botnet agent and IcedID information stealer. When an individual accesses a c | Unspecified | 2 |
The Zeus Malware is associated with BlackEnergy. Zeus is a notorious malware, short for malicious software, designed to exploit and damage computer systems. It is often spread through suspicious downloads, emails, or websites and can infiltrate systems without the user's knowledge. Once inside, it can steal personal information, disrupt operations | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The Quedagh Threat Actor is associated with BlackEnergy. | Unspecified | 2 |
The Gamaredon Threat Actor is associated with BlackEnergy. Gamaredon, a Russia-aligned threat actor, has emerged as one of the most active Advanced Persistent Threat (APT) groups in Ukraine, particularly since Russia's 2022 invasion of the country. Composed of regular officers from the Russian Federal Security Service (FSB) and some former law enforcement o | Unspecified | 2 |

Alias Description | Association Type | Votes |
---|---|---|
The CVE-2014-4114 Vulnerability is associated with BlackEnergy. CVE-2014-4114 is a significant vulnerability in the Microsoft Windows OLE Package Manager that enables remote code execution. The exploit was primarily used in .pps files, which are PowerPoint presentation files, mak | Unspecified | 2 |