Highly Destructive Malware Led Ukraine to Face World’s First Blackout Caused by Hackers

Cyber-criminals are now focusing on our energy infrastructure. Researchers recently said that highly destructive malware infected at least three regional power authorities in Ukraine, leading to a power failure that left hundreds of thousands of homes without electricity last week.

Ukrainian news service TSN first reported the power outage in the country on December 23. The report went on to say that the outage was the result of malware that disconnected electrical substations. On Monday, researchers from security firm iSIGHT Partners said they had obtained samples of the malicious code that infected at least three regional operators. They said the malware led to “destructive events” that in turn caused the blackout. If confirmed, it would be the first known instance of someone using malware to cause a power outage.

John Hultquist, head of iSIGHT’s cyber espionage intelligence practice, told Ars Technica:

“It’s a milestone because we’ve definitely seen targeted destructive events against energy before—oil firms, for instance—but never the event which causes the blackout. It’s the major scenario we’ve all been concerned about for so long.”

Security software developer ESET noted on its blog that a trojan from the BlackEnergy malware family, which was first discovered in 2007, might have been used to inject malicious code into the Ukrainian power authorities’ systems. The latest version of the tool has been found to include a secure shell (SSH) utility that can give attackers access to affected users’ systems. ESET also reports that the Ukrainian power grid systems were infected using macro functions embedded in Microsoft Office documents.

In 2014, the group behind BlackEnergy, which iSIGHT has dubbed the Sandworm gang, targeted the North Atlantic Treaty Organization, Ukrainian and Polish government agencies, and a variety of sensitive European industries. iSIGHT researchers say the Sandworm gang has ties to Russia, although readers are cautioned on attributing hacking attacks to specific groups or governments.

Sabarinath is the tech-savvy founder and Editor-in-Chief of TechLog360. With years of experience in the tech industry and a computer science background, he's an authority on the latest tech news, business insights, and app reviews. Trusted for his expertise and hands-on tips for Android and iOS users, Sabarinath leads TechLog360 with a commitment to accuracy and helpfulness. When not immersed in the digital world, he's exploring new gadgets or sharing knowledge with fellow tech enthusiasts.
