BlackEnergy APT Group Spreading Malware via Tainted Word Docs

January 28,2016

Attackers have begun using rigged Microsoft Word documents propagated via spearphishing emails to spread the BlackEnergy Trojan.

Researchers with Kaspersky Lab’s Global Research and Analysis Team discovered a malicious Word document last week that appears to stem from a campaign against one of the malware’s favorite targets, Ukraine.

Russian-speaking actors with the BlackEnergy APT group have been using rigged Excel files and Powerpoint files as an attack vector for the malware since mid-2015 but this is the first time the group has been using Word documents, GReAT Director Costin Raiu claims.

Read full story…