Attackers with apparent ties to Russia are behind a long-running hacking campaign dubbed “Energetic Bear” The group has long relied on phishing emails, plus exploit kits that redirect PCs to malicious websites. Last year, the group began hacking into industrial control systems vendors’ update sites and Trojanizing legitimate software updates. The most-often used tool is Havex, which gives attackers back-door access to infected PCs, allowing them to exfiltrate data. The greatest number of organizations targeted by attackers are in Spain and the United States, says Symantec.”]
Source: https://www.cuinfosecurity.com/hackers-target-energy-firms-a-7012