VB2017 videos on attacks against Ukraine

Posted by   Martijn Grooten on   Dec 21, 2017

(In)security is a global problem that affects every country in the world, but in recent years, none has been as badly hit as Ukraine.

VB2017-325w.jpg

The most well known malware that affected the country is (Not)Petya, a ransomware/wiper threat that had global impact (it cost shipping firm Maersk alone $300m in lost revenues), but which hit Ukrainian businesses particularly hard. The malware spread through a compromised update pushed out by M.E.Doc's tax accounting software, which is popular in the country.

In a VB2017 presentation, NioGuard's Alexander Adamov, himself based in Ukraine, discussed how (Not)Petya and related attacks worked and what impact they had. We have now uploaded the video of his presentation to our YouTube channel.

Another VB2017 presentation, by regular VB presenters and ESET researchers Robert Lipovsky and Anton Cherepanov, looked at another, possibly even more damaging threat against Ukraine: Industroyer, the first malware designed specifically to cause a power blackout – something which did indeed happen in December 2015.

Robert and Anton are new neither to advanced attacks nor to attacks against Ukraine, as can be seen from two previous VB presentations on BlackEnergy. We have also uploaded the video of their VB2017 presentation on Industroyer to our YouTube channel.

twitter.png
fb.png
linkedin.png
googleplus.png
reddit.png

 

Latest posts:

Tendency for DDoS attacks to become less volumetric fits in a wider trend

CDN provider Cloudflare reports an increase in DDoS attacks targeting layer 7 and focusing on exhausting server resources rather than sending large volumes of data. This fits in a wider trend.

Turkish Twitter users targeted with mobile FinFisher spyware

Through fake social media accounts, users were tricked into installing an Android application that was actually a mobile version of the FinFisher spyware.

Hide'n'Seek IoT botnet adds persistence

The Hide'n'Seek IoT botnet has received an update to make its infection persist on infected devices beyond a restart.

Registration for VB2018 now open!

Registration for VB2018, the 28th International Virus Bulletin conference, is now open, with an early bird rate available until 1 July.

RSA 2018: the good, the bad, the ugly, the great and the fantastic

In April, VB's Martijn Grooten attended the RSA Expo in San Francisco. He shares his views on the expo and the industry.