Security researchers find solid evidence linking Industroyer to NotPetya

Malware analysts from Slovak cyber-security firm ESET have found substantial evidence that links cyber-attacks performed against Ukraine’s power grid to the same group behind the NotPetya ransomware outbreak of June 2017. The link is not direct; it runs through a third malware strain that was spotted in an unrelated hacking operation in April this year.

Researchers say this malware, the Exaramel backdoor, was deployed from the server infrastructure of Telebots, the group from whose infrastructure the NotPetya ransomware also originated.

Read more about the findings of the new ESET report on ZDNet.
