"The control center of the server, where the attacks originate, is in Russia," Presidential Administration Spokesman for the Anti-Terrorist Operation (ATO) Andriy Lysenko said by phone, writes Reuters.He also stated that the malware had been detected early in the airport's system and that no damage had been done. Following his initial report last week, Lysenko confirmed on Saturday that the BlackEnergy trojan had targeted Boryspil and infected one of its workstations.
"Specialists of the State Service of Special Communications prevented a possible hacker attack by Russia," he said at a briefing, as reported by Interfax. 'Yesterday, the communications specialists established that one of the workstations at the Boryspil airport was infected by Black Energy virus. The PC was disconnected from the airport's network, and the experts from the CERT UA group were informed on the incident."
"Attention to all system administrators ... We recommend a check of log-files and information traffic," CERT-UA said, according to Reuters.A special page has been created by CERT-UA to help sysadmins identify BlackEnergy. That resource is located here.