ABSTRACT

On December 23, 2015, around half of the homes in the Ivano-Frankivsk region of Ukraine (population around 1.4 million) were left without electricity for a few hours. According to the Ukrainian news media outlet TSN, the cause of the power outage was a "hacker attack" utilizing a "virus." It was discovered that the attackers had been using a malware family called BlackEnergy. The cybercriminal group behind BlackEnergy, a malware family that has been around since 2007 and made a comeback in 2014, was also active in 2015. BlackEnergy is popular crimeware that is sold in the Russian cyber underground. It was originally designed as a toolkit for creating botnets used to conduct distributed denial-of-service attacks. There is little information on how exactly victims receive the BlackEnergy malware pushed by the Quedagh gang, which has been identified as having a particular interest in political targets.