BlackEnergy is an advanced persistent threat group that has been active since at least 2014. It is believed to be based in Eastern Europe and primarily targets Ukrainian organizations, including government agencies, media outlets, and energy companies. The group uses a variety of tactics, such as spear-phishing emails and malware attacks, to gain access to its targets' networks and steal sensitive information. BlackEnergy has been linked to several high-profile cyberattacks in Ukraine, including the 2015 power outage that affected over 80,000 people.
Techniques, tactics and practices:
BlackEnergy uses a variety of techniques to gain access to its targets' networks. Common methods include spear-phishing emails that carry malicious attachments or links, and social engineering tactics such as impersonating legitimate organizations to trick users into downloading malware. Once inside a network, BlackEnergy may install additional tools on compromised systems, including remote access Trojans (RATs) that allow the group to control infected machines remotely. It also uses stealthy persistence techniques and anti-forensic measures to avoid detection by security software and investigators.