BlackEnergy (908216c7-3ad4-4e0c-9dd3-a7ed5d1c695f)

BlackEnergy is a malware toolkit that has been used by both criminal and APT actors. It dates back to at least 2007 and was originally designed to create botnets for use in conducting Distributed Denial of Service (DDoS) attacks, but its use has evolved to support various plug-ins. It is well known for being used during the confrontation between Georgia and Russia in 2008, as well as in targeting Ukrainian institutions. Variants include BlackEnergy 2 and BlackEnergy 3. [F-Secure BlackEnergy 2014]

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| BlackEnergy (908216c7-3ad4-4e0c-9dd3-a7ed5d1c695f) | Tidal Software | Sandworm Team (16a65ee9-cd60-4f04-ba34-f2f45fcfc666) | Tidal Groups | 1 |