REUTERS
The Russian hackers used the same kind of technique of infecting computer networks while attacking the Ukrainian power companies late December and the Ukrainian media in November, 2015, that’s according to the experts from Eset, one of the world’s leading antivirus software developers, contracted for service by the affected power companies.
The analysis of the threat from KillDisk shows that the same set of tools was used both in cyberattacks on Ukrainian power companies in Ivano-Frankivsk region, and in spy attacks on the Ukrainian mass media in November 2015, according to the statement of Eset’s press service.
The computer systems were infected with BlackEnergy Trojan virus in the attacks, according to the report.
Read alsoThe Daily Beast: CIA eyes Russian hackers in 'blackout' attackThe victim would receive an email with an infected Microsoft Office file attachment. After launching the document with macros, a Trojan Win32/KillDisk was loaded and executed, which caused the system failure, according to the press service.
Eset said that KillDisk software, used by hackers in an attack on power companies, included a special code for disabling industrial systems.
Read alsoUkraine utility cyber attack wider than reported: expertsAccording to the report, during the attack on the Ukrainian media in November 2015 at the time of the local elections in Ukraine, Internet resources of StarLightMedia holding incurred significant losses. The affected resources included ICTV channel, where a large number of videos and various documents were deleted.