BlackEnergy cyberespionage group targets Linux systems and Cisco routers
A cyberespionage group that has built its operations around a malware program called BlackEnergy has been compromising routers and Linux systems based on ARM and MIPS architectures in addition to Windows computers.
Security researchers from antivirus vendor Kaspersky Lab released a report Monday detailing some of the custom modules that the group has developed for BlackEnergy, a tool originally created and used by cybercriminals to launch distributed denial-of-service attacks.
Variants of the BlackEnergy plug-ins developed by the cyberespionage group were discovered for both Windows and Linux systems. They enhance the malware program with capabilities like port scanning, password stealing, system information gathering, digital certificate theft, remote desktop connectivity and even hard disk wiping.