Source: Upgraded Ukrainian Blackout Malware Sold on the Dark Web | CISO MAG
The Ukrainian Blackout Malware, operated by the state-sponsored BlackEnergy gang, first made news in December 2015, when it took down the entire power grid of the Ivano-Frankivsk region in Ukraine. This malware specifically targets SSH (Secure Shell) keys, which are used to build secure communication lines between two or more machines. Researchers at cybersecurity firm Venafi have now seen a surge in its spread owing to its sale on the Dark Web in the form of Malware-as-a-Service (MaaS).
Upgradation of Blackout Malware
An SSH key acts as a login credential in SSH protocol-based communication. It is like having usernames and passwords, but these keys are primarily used for automated processes and for implementing single sign-on by system administrators.