GreyEnergy malware has 'massive amounts of junk code' meant to confuse researchers
By Sean Lyngaas
Link to the article that is referenced:
This is a great article; however, it still follows the industry's line of assigning and identifying Advanced Persistent Threats based on malware. Malware is just the tool; the person behind the keyboard is the real threat. The Black Energy Group and the Grey Energy Group could very well be the same people, just using different tools for different operations. Another problem across the industry is that one company names a group it has identified when another company may have given a different name to the same group. The challenge for analysts at this point is to identify which groups are the same entities and which are unique groups.