Making complex data simple and compelling
From digital device to digital evidence
Unlock your vehicle's digital evidence potential
Forensic Analysis and Enhancement
Investigating and analyzing financial records
Gain access to the online accounts of deceased loved ones
Clear, precise evidence for a messy world
Expert reports to suit your specific needs
We can locate people anywhere
Stop worrying and learn the truth
Prevent, Detect, Respond To Cyberattacks
First response is crucial. Every minute counts.
The first response is critical to reduce liability
Detection & Removing Spyware Services
Reduce your electronic risk from digital transmittals
Find out who you are really talking to
Experienced, Confidential Services
Swift, professional incident response
Complicated cases require compelling digital facts
Find, recover and document digital evidence
Bring solid evidence before a judge
Cases can be investigated using Social Media
Divorce, custody battles, and other
Win the most important battle of your life
Everything you need
Effective Expert Witness in Court
Evidence shows who is telling the truth
Subpoena power yields strong evidence
Digital evidence can build a strong defense
Go to court with compelling digital evidence
Every year, cyber attacks become more specialized. In 2015 a series of attacks on the Ukrainian power system was made. During these large-scale attacks, ESET researchers began to detect another family of malicious programs, called GreyEnergy.
GreyEnergy is the successor to the BlackEnergy APT group, and, according to the analysis by ESET, it belongs to Telebots. Currently, GreyEnergy malware does not have destructive capabilities, and is focused on spyware and intelligence operations on workstations of an industrial management system with software and SCADA servers. However, it has a modular architecture, which means that its capabilities can be expanded. Plug-ins, observed by security researchers, give such possibilities a backdoor access, file filtering, screenshots capture, keystroke recording and credential theft.
In the analysis ESET researchers state that GreyEnergy’s goal is to penetrate the goal network and gather information. GreyEnergy operators also use common tools in their arsenal, such as Mimikatz, PsExec, WinExe, Nmap, and a custom port scanner. It is also worth noting that the connection is based on the technical indicators, such as code similarity, the overall infrastructure of C & C, the chain of execution of malicious programs and other evidence.
Attacks on critical infrastructure continue to grow, so stay vigilant. ESET analysis is important for providing protection against these attacks, as well as for a better understanding of the tactics, tools and procedures of modern APT groups.
Save my name, email, and website in this browser for the next time I comment.
Speak to a Specialist Now
Get Help Now