The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and has made a comeback in 2014, was also active in the year 2015.
ESET has recently observed a huge increase in detections of the Nemucod trojan, a threat that usually tries to download another malware from the internet. Those detections ratios were very high in some countries.
The free version of Ammyy’s remote administrator software were being served a bundle that contained an NSIS installer used by the gang behind Operation Buhtrap.
A banking trojan, detected by ESET as Win32/Brolux.A, is targeting Japanese internet banking users and spreading through at least two vulnerabilities: a Flash vulnerability leaked in the Hacking Team hack and the so-called unicorn bug, a vulnerability in Internet Explorer.
IKEA, KFC, H&M and 7-Eleven are just a few popular brands that are being exploited by cybercriminals via WhatsApp. We take a closer look at this multi-country, multi-brand fraud.
The latest ESET discovery of the first known Android lock-screen-type ransomware that spreads in the wild and sets the phone’s PIN lock is examined.
The recent Firefox attacks are an example of active in-the-wild exploitation of a serious software vulnerability.
Operation Patao Express – Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data.
In April, ESET’s Laboratory in Latin America received a report on an executable program named “Liberty2-0.exe.” Now, it asks is there a version 1.0?
In this blog we describe a sophisticated backdoor, called Dino by its creators. We believe this malicious software has been developed by the Animal Farm espionage group, who also created the infamous Casper, Bunny and Babar malware.
A malware family that primarily targets Linux-based consumer routers but that can infect other Linux-based embedded systems in its path: Dissecting Linux/Moose.