NAME:
Energetic Bear
Alias:
DragonFly, BlackEnergy, Black Energy, Crouching Yeti, Group 24, Havex, CrouchingYeti, Koala Team, DYMALLOY, Dragonfly2, Berserker Bear, Energetic Bear
Description:
Energetic Bear is a cyberespionage group that has been active since at least 2011. They initially targeted defense and aviation companies but shifted to focus on the energy sector in early 2013. They have also targeted companies related to industrial control systems.
The attackers managed to compromise a number of strategically important organizations for spying purposes and could cause energy supply disruption in the affected areas.
References:
http://www.scmagazineuk.com/iran-and-russia-blamed-for-state-sponsored-espionage/article/330401/
http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/Dragonfly_Threat_Against_Western_Energy_Suppliers.pdf
http://www.netresec.com/?page=Blog&month=2014-10&post=Full-Disclosure-of-Havex-Trojans
https://threatpost.com/energy-watering-hole-attack-used-lightsout-exploit-kit/104772/
https://dragos.com/adversaries.html
https://dragos.com/media/2017-Review-Industrial-Control-System-Threats.pdf
https://www.symantec.com/blogs/threat-intelligence/dragonfly-energy-sector-cyber-attacks