IT systems at Kiev's main airport were floored over the weekend, sparking a renewed warning from Ukraine's Computer Emergency Response Team (CERT-UA) about further BlackEnergy malware-based attacks.
“Attention: system administrators present a short list of indicators [that] network systems and networks [have been] compromise[d] with BlackEnergy malware,” CERT-UA said in an advisory (according to Google translation of Ukrainian language original here).
“We recommend checking the log files and information flows for the presence / absence of these indicators,” it added.
Malware similar to the BlackEnergy pathogen that reportedly affected three Ukrainian power utilities last month was detected last weekend on computers at Kiev's main airport, Boryspil, according to the airport's press service, Reuters reports.
The BlackEnergy malware and hackers were “clearly” behind power outages in western Ukraine, a SANS expert recently concluded.
Russia is, unsurprisingly, the prime suspect in the malfeasance in which malware spread using spear-phishing is reckoned to have played a key role.
http://www.theregister.co.uk/2016/01/18/blackenergy_power_outage_malware_kiev_airport/