BlackEnergy

BlackEnergy

BlackEnergy malware first appeared in 2007 as a DDoS tool and was traded among cybercriminals until, in 2010, a Russian hacking group known as the Sandworm Team – widely  reported to have links to Russian Intelligence Service – began utilizing BlackEnergy2 (BE2) to conduct espionage against industrial control system networks. The malware is highly modular, meaning it consists of many different components which serve different functions and not all functionality is delivered to all victims.