https://www.helpnetsecurity.com/2016/01/04/blackenergy-apt-is-back-deleting-files-and-killing-computer-systems/
The BlackEnergy APT - or SandWorm group, as some researchers call it - has been active since 2007 (at least). Its past exploits include cyber-espionage
deleting filescomputer systemsblackenergyaptback
https://www.tripwire.com/state-of-security/blackenergy-involved-in-targeted-attack-against-boryspil-airport-says-ukraine
Ukrainian officials stated over the weekend that they have traced a targeted attack against Boryspil International Airport back to the BlackEnergy trojan.
targeted attackboryspil airportblackenergyinvolvedsays