Lukas Stefanko

Lukas Stefanko

Malware Researcher


Education: Masters in Informatic Engineering of the Technical University in Kosice

Highlights of your career? Malware Researcher

Position and history at ESET? Joined ESET as a Malware Researcher in 2011

What malware do you hate the most? Adware and ransomware

Favorite activities? Gym, squash, reading

What is your golden rule for cyberspace? Be reasonably paranoid

Favorite computer game/activity? Elasto Mania


69 articles by Lukas Stefanko

ESET research

VajraSpy: A Patchwork of espionage apps

VajraSpy: A Patchwork of espionage apps

ESET research

VajraSpy: A Patchwork of espionage apps

ESET researchers discovered several Android apps carrying VajraSpy, a RAT used by the Patchwork APT group

Lukas Stefanko01 Feb 202412 min. read


ESET research

Beware of predatory fin(tech): Loan sharks use Android apps to reach new depths

Beware of predatory fin(tech): Loan sharks use Android apps to reach new depths

ESET research

Beware of predatory fin(tech): Loan sharks use Android apps to reach new depths

ESET researchers describe the growth of deceptive loan apps for Android and techniques they use to circumvent Google Play

Lukas Stefanko05 Dec 202321 min. read


ESET research

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan

ESET research

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan

ESET researchers discovered Kamran, previously unknown malware, which spies on Urdu-speaking readers of Hunza News

Lukas Stefanko09 Nov 20239 min. read


ESET research

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

ESET research

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs

Lukas Stefanko30 Aug 202315 min. read


ESET research

Android GravityRAT goes after WhatsApp backups

Android GravityRAT goes after WhatsApp backups

ESET research

Android GravityRAT goes after WhatsApp backups

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files

Lukas Stefanko15 Jun 20237 min. read


ESET research

Android app breaking bad: From legitimate screen recording to file exfiltration within a year

Android app breaking bad: From legitimate screen recording to file exfiltration within a year

ESET research

Android app breaking bad: From legitimate screen recording to file exfiltration within a year

ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio

Lukas Stefanko23 May 20237 min. read


ESET research

Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets

Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets

ESET research

Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets

ESET researchers analyzed Android and Windows clippers that can tamper with instant messages and use OCR to steal cryptocurrency funds

Lukas Stefanko and Peter Strýček16 Mar 202317 min. read


ESET research

Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials

Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials

ESET research

Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials

ESET researchers analyze a cyberespionage campaign that distributes CapraRAT backdoors through trojanized and supposedly secure Android messaging apps – but also exfiltrates sensitive information

Lukas Stefanko07 Mar 20236 min. read


ESET research

StrongPity espionage campaign targeting Android users

StrongPity espionage campaign targeting Android users

ESET research

StrongPity espionage campaign targeting Android users

ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version

Lukas Stefanko10 Jan 202311 min. read