216.73.216.6

BlackEnergy

The MITRE Corporation · Published 31/05/2017 23:32 · Modified 27/03/2026 01:05 Family

Essential information

Confidence
100/100
Is family
Yes
Published
31/05/2017 23:32
Modified
27/03/2026 01:05
Revoked
No
Author / Source
The MITRE Corporation
Related entities
29 attack patterns (mitre), 1 intrusion sets (apt), 1 campaign, 1 campaigns

Aliases

Black Energy

Description

[BlackEnergy](https://attack.mitre.org/software/S0089) is a malware toolkit that has been used by both criminal and APT actors. It dates back to at least 2007 and was originally designed to create botnets for use in conducting Distributed Denial of Service (DDoS) attacks, but its use has evolved to support various plug-ins. It is well known for being used during the confrontation between Georgia and Russia in 2008, as well as in targeting Ukrainian institutions. Variants include BlackEnergy 2 and BlackEnergy 3. (Citation: F-Secure BlackEnergy 2014)

Marking (TLP)

Copyright 2015-2025, The MITRE Corporation. MITRE ATT&CK and ATT&CK are registered trademarks of The MITRE Corporation.

External references

Related entities

Attack patterns, malware, vulnerabilities, indicators, intrusion sets and other entities linked to this malware.