Author
ESET Research
android-ess5
ESET Research
Go to latest posts

Cybercriminals target Brazilian routers with default credentials

Criminals are hunting for routers with default credentials and with vulnerabilities in their firmware, with Brazilians the main target.

OSX/Keydnap spreads via signed Transmission application

During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.

Windows exploitation in 2015

Hacking Team exploits and new security features in Google Chrome and Microsoft Edge are just a few of the highlights of ESET’s annual Windows exploitation in 2015 report.

ESET predictions and trends for cybercrime in 2016

It’s that time of the year when the information security industry takes part in its annual tradition: coming up with cybercrime predictions and trends for the next 12 months.

Sednit APT Group Meets Hacking Team

The infamous Sednit espionage group is currently using the Hacking Team exploits disclosed earlier this week to target eastern European institutions.

Windows exploitation in 2014

Today, we published our research about Windows exploitation in 2014. This report contains interesting information about vulnerabilities in Microsoft Windows and Office patched over the course of the year, drive-by download attacks and mitigation techniques.

Cybercrime Trends & Predictions for 2015

As regular readers will know, every year we publish our predictions on cybercrime attacks for the year ahead. Well, our South American research team has spent the last few weeks putting together our predictions for 2015.

First exploitation of Internet Explorer ‘Unicorn bug’ in-the-wild

Microsoft released a patch last week for a critical vulnerability allowing remote code execution in Internet Explorer. This vulnerability is significant because it exploits an old bug present in Internet Explorer versions 3 through 11.

G20 2014 Summit Lure used to target Tibetan activists

APT actors trying to use big events as a lure to compromise their targets is nothing new. Tibetan NGOs being targeted by APT actors is also nothing new. Thus, surrounding the upcoming G20 2014 summit that is held in Brisbane, Australia, we were expecting to see G20 themed threats targeted at Tibetan NGOs. A Win32/Farfli (alias Gh0st RAT) sample ultimately confirmed our suspicions.

Sednit espionage group now using custom exploit kit

For at least five years the Sednit group has been relentlessly attacking various institutions, most notably in Eastern Europe. The group used several advanced pieces of malware for these targeted attacks, in particular the one we named Win32/Sednit, also known as Sofacy.

Gamescom 2014: World of Malware?

The gaming industry keeps growing, and the crowds at Cologne’s Gamescom 2014, show why big game titles are rapidly becoming a target for cybercrime. Our tips will help you enjoy the latest games – without hackers declaring ‘Game Over’.

Win32/Aibatook: Banking Trojan Spreading Through Japanese Adult Websites

Win32/Aibatook targets Japanese bank customers with an unusual Internet Explorer monitoring technique. We believe the malware has been in development for months – and is now ready for take-off.

Miniduke still duking it out

At the end of April Microsoft announced that a vulnerability in Word was actively being exploited. New variants of MiniDuke display interesting and novel features. Here, we take a closer look.

Windows exploitation in 2013

The year 2013 was notable for the appearance of 0-day vulnerabilities that were primarily used in targeted attacks. In this case, criminal hackers worked on developing exploits, only not for random propagation of malicious code, but rather for use in attacks on specific users.

Versatile and infectious: Win64/Expiro is a cross-platform file infector

Recently, our anti-virus laboratory discovered an interesting new modification of a file virus known as Expiro which targets 64-bit files for infection. File-infecting viruses are well known and have been studied comprehensively over the years, but malicious code of this type almost invariably aimed to modify 32-bit files. One such family of file viruses, called

Anonymous and the Megaupload Aftermath: Hacktivism or Just Plain Ugly?

Yesterday’s announcement by the US Department of Justice that the operators of file-sharing site Megaupload had been indicted for operating a criminal enterprise that generated over $175 million by trafficking in over half a billion dollars of pirated copyrighted material has sent shockwaves across the Internet. The accuracy of those figures may be questionable, but

October: Facebook Facepalm, Feeling Safe Online, and a Small Tsunami

ESET’s Threat Reports for September and October include some quality articles on Facebook, safety online, and backup strategy.

New Apple OS X Malware: Fake Adobe Flash Installer

A new attack against Apple Mac OS X Lion (10.7) has been detected by Intego. The threat is a Trojan, dubbed Flashback, installed via a fake Adobe Flash installer downloaded from a third party site. As with the MacDefender and Revir malware, the Flashback attack uses social engineering to entice the user to download then

PDF Trojan Appears on Mac OS X

  A new trojan has been released targeting the Macintosh Chinese-language user community.  The trojan appears to the user to be a PDF containing a Chinese language article on the long-running dispute over whether Japan or China owns the Diaoyu Islands.   When the user opens the “PDF” file, it attempts to mask the installation

Is Google Plus the Rumble in the Jungle?

If you don’t remember the Rumble in the Jungle, it was a boxing match between George Foreman and Muhammed Ali. Back in 1974 names like Foreman and Ali were as famous as companies like Google and Facebook are now. Google, like the older Ali, has been taking punches in the early rounds of the social

Follow us

Copyright © 2016 ESET, All Rights Reserved.