A computer worm used to target the Iranian uranium enrichment facility outside Natanz, Iran. It is considered the first cyberweapon due to its ability to cause a physical effect. It was used to degrade and destroy approximately 1,000 centrifuges at the Natanz facility.
BlackEnergy malware first appeared in 2007 as a DDoS tool and was traded among cybercriminals until, in 2010, a Russian hacking group known as the Sandworm Team – widely reported to have links to Russian Intelligence Service – began utilizing BlackEnergy2 (BE2) to conduct espionage against industrial control system networks. The malware is highly modular, meaning it consists of many different components which serve different functions and not all functionality is delivered to all victims.