Highly destructive computer malware infected power authorities in Ukraine last week and caused a power failure that affected hundreds of thousands of homes, researchers say.
The outage on December 23 left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity. Researchers from security firm iSIGHT Partners, who studied samples of the malicious code that infected at least three regional operators, confirmed the malware led to "destructive events" that in turn caused the blackout.
"It's a milestone," John Hultquist of iSIGHT told Arstechnica.com. "It's the major scenario we've all been concerned about for so long."
"This is the first time we have proof and can tie malware to a particular outage," Trend Micro researcher Kyle Wilhoit told Reuters. "It is pretty scary."
Antivirus provider ESET said multiple Ukrainian power authorities were infected by "BlackEnergy," a package discovered in 2007 that has been repeatedly updated to include new destructive functions.
Until now, BlackEnergy has mainly been used to spy on news organizations, power companies, and other industrial groups. A Moscow-backed group, Sandworm, is suspected of using it for targeted attacks.