Zebrocy continues to target government-related organizations in Central Asia, both in-country and in remote locations, as well as a new diplomatic target in the Middle East. GreyEnergy is believed to be a successor to the BlackEnergy group (aka Sandworm), best known for its involvement in attacks on Ukrainian energy facilities in 2015 that led to power outages. The group has developed using Delphi, AutoIT,.NET, C# and PowerShell. Since May 2018, the group added the Go language to its arsenal the first time that we have observed a well-known APT threat actor deploy malware with this compiled open-source language.”]
Source: https://securelist.com/it-threat-evolution-q1-2019/90978/