Breaking Research: LockerGoga Ransomware Impacts Norsk Hydro

It was reported today that Norsk Hydro has temporarily stopped aluminum production at several plants following an attack by the ransomware known as LockerGoga. Nozomi Networks Labs has conducted a preliminary evaluation of LockerGoga. Read on to learn about this ransomware and our research team’s assessment of it. The post ... Read More

GreyEnergy Malware Research Paper: Maldoc to Backdoor

When the GreyEnergy Advanced Persistent Threat (APT) was unveiled last year, I decided to put my reverse engineering skills to work and study one of its infection techniques. Find out about the methods the malware’s packer stage used to conceal its true functionality, plus get access to my full Research ... Read More

Analyzing the GreyEnergy Malware: from Maldoc to Backdoor

GreyEnergy is an Advanced Persistent Threat (APT) which has been targeting industrial networks in Eastern European countries for several years. As a security analyst, I have studied the malware and provide a detailed description of how it works, from the moment that someone receives a phishing email, until the malware ... Read More

GreyEnergy Malware Targets Industrial Critical Infrastructure

| | Blog
Recently a new advanced threat targeting the energy sector was disclosed. Called GreyEnergy, this malware is the successor to BlackEnergy, which brought down part of the Ukraine power grid in 2015. Because of the significance of the malware, our Nozomi Networks Security Research team is evaluating it. Find out what ... Read More