Over 1,000 North American and European energy companies have been compromised in a large-scale malware attack.
Symantec, the security firm that unearthed the campaign, has blamed the well-known hacking group Dragonfly.
Energy companies in more than 80 countries were affected, the majority of which are in the United States, Spain, France and Italy.
Symantec said Dragonfly accessed computers using a variety of techniques, including attaching malware to third-party programs, emails and websites, giving it ‘the capability to mount sabotage operations that could have disrupted energy supplies across a number of European countries’.
It used Backdoor.Oldrea to gather system information, including the computers’ Outlook address books and lists of files and programs installed, and Trojan.Karagany to upload stolen data, download new files and run them on infected computers, Symantec said.
Symantec said Dragonfly ‘bears the hallmarks of a state-sponsored operation, displaying a high degree of technical capability’.
A full report of the discovery of this cyber espionage campaign can viewed here: Dragonfly Report.