GreyEnergy malware has 'massive amounts of junk code' meant to confuse researchers - M20 SME Review

Updated: Mar 1, 2019


GreyEnergy malware has 'massive amounts of junk code' meant to confuse researchers

By Sean Lyngaas

Link to the article that is referenced:

https://www.cyberscoop.com/greyenergy-reverse-engineered-nozomi/



This is a great article; however, it still follows the line the industry takes of identifying and assigning Advanced Persistent Threats based on malware. Malware is just the tool; the person behind the keyboard is the real threat. The Black Energy Group and the Grey Energy Group could very well be the same people, just using different tools for different operations. Another problem across the industry is that one company names a group it has identified when another company may already have given a different name to the same group. The challenge for analysts at this point is to identify which groups are the same entities and which are unique groups.

