
© Provided by: P.ATHANASIADES & Co. SA
A common group of cybercriminals has been identified behind the “(Not) Petya” ransomware and “Industroyer”, the first “malware” with direct impact on industrial systems.
“ESET” has discovered evidence that the notorious group of cybercriminals “TeleBots” is associated with “Industroyer”, the most powerful “malware” of our age attacking industrial systems, which is responsible for the blackout in the capital of Ukraine, Kiev, in 2016.
The “TeleBots team” demonstrated their skills with the “(Not) Petya malware”, which, by deleting system files, paralyzed business operations around the world in 2017. At the same time, the group of cybercriminals demonstrated its relations with “BlackEnergy”, which was used in 2015 in the first blackout ever caused by “malware” in Ukraine, followed one year later by the power cut caused by “Industroyer”.
“The suspicions of a connection between ‘Industroyer’ and the ‘TeleBots team’ came shortly after the ‘Industroyer’ attack on the Ukrainian power grid”,
says “ESET” researcher Anton Cherepanov, head of research for “Industroyer” and “(Not) Petya”.
“However, no evidence has been disclosed – so far”.
In April 2018, “ESET” discovered new activity by the “TeleBots team”: an attempt involving a new “backdoor”, which “ESET” detects as “Exaramel”. “ESET”’s analysis shows that this “backdoor” is an improved version of the original “Industroyer” backdoor and is the first proof connecting “Industroyer” with the “TeleBots team”.
“The discovery of ‘Exaramel’ shows that the ‘TeleBots team’ is still active in 2018 and cybercriminals continue to improve their tools and tactics”,
says Cherepanov.
“We will continue to monitor the activity of this group.”
Source: www.pestaola.gr