Hackers of two Ukrainian utilities probably hit mining and railroad targets, too
The attackers who crippled Ukrainian power operators in December probably committed attacks shortly before against a mining company and a railway operator, Trend Micro said Thursday.
The security company said its latest technical research shows that the same malware — dubbed BlackEnergy and KillDisk — were probably used in the earlier actions. It didn’t name the targets of those attacks, which took place in November and December.
“There is remarkable overlap between the malware used, infrastructure, naming conventions, and to some degree, the timing of use for this malware,” wrote Kyle Wilhoit, a senior threat researcher.