Tag: Energy Sector

Digital Scorched Earth: The “Lotus Wiper” Attack Paralyzing Venezuela’s Energy Grid
A sophisticated destructive malware, designated as Lotus Wiper, has been identified within Venezuela, specifically targeting the energy and public utility sectors. The artifacts associated with this incursion were disclosed in the public domain in December 2025. This malicious software eschews ransom demands and encryption in favor of a singular, more malevolent objective: the absolute eradication…

The Gaddafi Lure: How a “Leaked Video” Led to the Clandestine Hijacking of Libya’s Oil Giant
The kinetic strike commenced with a sensational headline heralding a “leaked video” and culminated in clandestine dominion over the networks of a sovereign petroleum enterprise. Over the span of several months, the digital marauders imperceptibly entrenched themselves within a multitude of Libyan institutions simultaneously, encompassing a prominent oil refinery. This relentless series of bombardments endured…

MFA Under Siege: Microsoft Unveils Stealthy AiTM Attacks Striking the Energy Sector
Microsoft has disclosed a sophisticated sequence of multi-stage incursions leveraging Adversary-in-the-Middle (AiTM) session hijacking in tandem with Business Email Compromise (BEC) methodologies. The offensive specifically targeted entities within the energy sector, with adversaries weaponizing SharePoint as a primary vector for the dissemination of deleterious links and the subsequent entrenchment within compromised environments. The inaugural phase…

The Tenfold Surge: China’s 2025 Cyber Blitz on Taiwan’s Power Grid
In its most recent assessment, Taiwan’s National Security Bureau has characterized 2025 as an epoch in which Chinese cyber incursions transcended mere background noise to become an instrument of systemic coercion against critical industries. The most precipitous surge was observed within the energy sector, where the bureau contends that the frequency of incidents has escalated…

Anatomy of a Cyberattack: Inside the Campaign Against Kazakhstan’s Energy Sector
The Seqrite Labs APT-Team has uncovered a new campaign targeting Kazakhstan’s energy sector. Tracked since April 2025, the operation has been attributed to a previously unknown group, now dubbed NoisyBear. Its primary victim was the national oil and gas company KazMunaiGas (KMG). Attackers sent employees emails from spoofed corporate addresses, disguising them as announcements about…

“OneClik” APT Unmasked: China-Linked Campaign Abuses Microsoft ClickOnce & AWS Cloud to Target Energy Sector
Cybercriminals have launched a large-scale campaign dubbed OneClik, targeting companies in the energy, oil, and gas sectors. The attack leverages Microsoft’s legitimate ClickOnce technology and a custom-designed backdoor known as RunnerBeacon, allowing threat actors to maintain a stealthy presence within targeted systems and evade detection. ClickOnce is a deployment technology designed to install and automatically…