The BlackEnergy APT (Advanced Persistent Threat) group, once thought dormant as of 2014, was found to be still active in 2015, targeting electrical power stations and news outlets in Ukraine.
BlackEnergy, a group suspected to be of Russian origin, is a cyber-threat actor that has been active against various politically charged objectives, typical targets in cyber-espionage campaigns.
The group, named after the BlackEnergy trojan often used in their attacks, has a knack for attacking industrial control systems (ICS).
ESET researchers are confirming that, after going dormant in December 2014, new evidence has surfaced that shows that BlackEnergy was actually active in 2015 but used new tools, of which researchers had no previous knowledge.
Original source: Softpedia
View the full story here