Intelligence Reporting

Wapack Labs has identified 699 unique IP addresses believed to be infected by, or associated with the possible delivery of, Black Energy. Some of these connections contained an href user agent (pointing at another location); others appeared infected with Black Energy and were identified checking in to our Black Energy sinkholes.

Black Energy, as you may recall, was used against Ukraine on 23 December 2015, in coordinated attacks against multiple regional distribution power companies in Ivano-Frankivsk Oblast, including Prykarpattya Oblenergo and Kyiv Oblenergo, resulting in power outages lasting approximately three to six hours.

To view the full Black Energy report from 2015 or to download the last 90 days of Black Energy observed indicators:

Please sign in to your Wapack Labs Cyber Threat Analysis Center account using your two-factor authentication, and follow:

The first 25 lines of this 1274-line output are shown below:


 


Jeff Stutzman
