REUTERS

Security company ESET reveals that it discovered a new group called TeleBots whose modus operandi is very similar to the one of BlackEnergy. TeleBots are primarily targeting Ukrainian banks, the firm says, and use spear-phishing emails that include malicious Excel documents to infect computers, Softpedia reports.

Systems are infected with a backdoor which is very similar to the Trojan used by BlackEnergy in its previous attacks against Ukraine.

Eventually, attackers also deploy KillDisk, which is a destructive malware that renders the operating system unbootable and which is once again similar to the one used against power grid companies in Ukraine.

Видео дня

Once it infects a system, KillDisk deletes system files and registers itself as a service, changing the boot screen with a picture from Mr. Robot TV show.

At the moment, it's not yet clear how many of these attacks were successful, if any, but Russian hackers are again believed to be behind the group, just like it happened before when the Ukrainian power grid was taken offline.