category
More Technical

Released Android malware source code used to run a banking botnet

ESET researchers have discovered a new variant of botnet-forming Android banking malware based on source code made public a couple of months ago.

Sunny with a chance of stolen credentials: Malicious weather app found on Google Play

ESET has spotted a new banking malware on Google Play. Disguised as a weather forecast app, it steals banking credentials and locks screens.

New crypto-ransomware hits macOS

This last month we have seen a new ransomware for Mac. Written in Swift, it is distributed on BitTorrent distribution site as “Patcher” for pirating popular software.

Demystifying targeted malware used against Polish banks

The purpose of this blog is to deliver technical details of an as-yet minimally documented malware that has made headlines in Poland.

New Android trojan mimics user clicks to download dangerous malware

Android users are exposed to a new malicious app imitating Adobe Flash Player and serving as an entrance gate for potentially any kind of dangerous malware

Windows 10 anniversary update: Security and privacy, hope and change?

With analysts predicting a big shift to Windows 10 in the enterprise in 2017, a new ESET white paper looks at security and privacy changes in Windows 10 Anniversary Update, the build that Microsoft expects its business customers to run on the majority of their desktop computers.

KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt

ESET has discovered a Linux variant of the KillDisk component that renders Linux machines unbootable, while encrypting files and requesting a large ransom at the same time.

New Linux/Rakos threat: devices and servers under SSH scan (again)

ESET’s Peter Kálnai and Michal Malik report on a new Linux/Rakos threat – devices and servers are under SSH scan again.

The rise of TeleBots: Analyzing disruptive KillDisk attacks

ESET’s Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in Ukraine’s financial sector.

Modern attacks on Russian financial institutions

ESET’s Anton Cherepanov Jean-Ian Boutin discuss their paper, titled Modern Attacks on Russian Financial Institutions, which was published earlier this year.

Readers of popular websites targeted by stealthy Stegano exploit kit hiding in pixels of malicious ads

Millions of readers who visit popular news websites have been targeted by a series of malicious ads redirecting them to the Stegano exploit kit.

Tesco Bank not alone in being targeted by Retefe malware

Tesco Bank, which recently saw thousands of its customers lose funds to cybercriminals, has been found on the target list of the so-called Retefe malware.

Linux/Moose: Still breathing

For the past year, ESET and the security firm GoSecure combined their skills in order to research Linux/Moose further. Here’s some of what was uncovered.

Lifting the lid on Sednit: A closer look at the software it uses

ESET’s threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.

Cybercriminals target Brazilian routers with default credentials

Criminals are hunting for routers with default credentials and with vulnerabilities in their firmware, with Brazilians the main target.

New ESET research paper puts Sednit under the microscope

Security researchers at ESET have released their latest research into the notorious and highly experienced Sednit cyberespionage group.

Book of Eli: African targeted attacks

ESET’s latest research analyzes a piece of malware active since 2012, but which has targeted one specific country – Libya.

How encryption molded crypto-ransomware

Recently ESET has seen significantly increasing volumes of a particular type of ransomware known as crypto-ransomware, reports Cassius Puodzius.

TorrentLocker: Crypto-ransomware still active, using same tactics

ESET has carried out analysis of new samples of the crypto-ransomware family TorrentLocker, to compare the 2016 campaigns against its research in late 2014.

OSX/Keydnap spreads via signed Transmission application

During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.

Follow us

Copyright © 2017 ESET, All Rights Reserved.