category
More Technical

News from the Dorkside: Dorkbot botnet disrupted

Law enforcement agencies from around the globe, aided by Microsoft security researchers, today announced the disruption of one of the most widely distributed malware families – Win32/Dorkbot.

Operation Buhtrap malware distributed via ammyy.com

The free version of Ammyy’s remote administrator software were being served a bundle that contained an NSIS installer used by the gang behind Operation Buhtrap.

Multi-stage exploit installing trojan

Earlier this year, a new type of trojan caught the attention of ESET researchers. This article will take a deep dive into how the exploit works and briefly describe the final payload.

Brolux trojan targeting Japanese online bankers

A banking trojan, detected by ESET as Win32/Brolux.A, is targeting Japanese internet banking users and spreading through at least two vulnerabilities: a Flash vulnerability leaked in the Hacking Team hack and the so-called unicorn bug, a vulnerability in Internet Explorer.

Android AdDisplay using anti-bouncer technique

In order to help make Google Play a safer place for Android users, ESET continues to monitor the official Android app market for malicious or potentially unwanted applications.

WhatsApp scam extends into multiple countries and brands

IKEA, KFC, H&M and 7-Eleven are just a few popular brands that are being exploited by cybercriminals via WhatsApp. We take a closer look at this multi-country, multi-brand fraud.

Android trojan drops in, despite Google’s Bouncer

ESET recently discovered an interesting stealth attack on Android users, an app that is a regular game but with an interesting addition: the application was bundled with another application.

The Trojan Games: Odlanor malware cheats at poker

Every now and again, ESET comes across an attack that “stands out”. Odlanor malware fits that bill – this unique trojan targets players of online poker.

Aggressive Android ransomware spreading in the USA

The latest ESET discovery of the first known Android lock-screen-type ransomware that spreads in the wild and sets the phone’s PIN lock is examined.

Carbanak gang is back and packing new guns

A few days ago, CSIS published details about new Carbanak samples found in the wild. In this blog we examine the latest developments in the Carbanak story.

Firefox Under Fire: Anatomy of latest 0-day attack

The recent Firefox attacks are an example of active in-the-wild exploitation of a serious software vulnerability.

Operation Potao Express: Analysis of a cyber-espionage toolkit

Operation Patao Express – Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data.

Porn clicker keeps infecting apps on Google Play

A recently identified trojan porn clicker is still infecting apps on Google Play.

Operation Liberpy: Keyloggers and information theft in Latin America

In April, ESET’s Laboratory in Latin America received a report on an executable program named “Liberty2-0.exe.” Now, it asks is there a version 1.0?

Sednit APT Group Meets Hacking Team

The infamous Sednit espionage group is currently using the Hacking Team exploits disclosed earlier this week to target eastern European institutions.

Dino – the latest spying malware from an allegedly French espionage group analyzed

In this blog we describe a sophisticated backdoor, called Dino by its creators. We believe this malicious software has been developed by the Animal Farm espionage group, who also created the infamous Casper, Bunny and Babar malware.

ESET uncovers another porn clicker on Google Play

Porn clickers pretending to be the the Dubsmash application have found their way back onto Google Play, a month after being removed.

Dissecting Linux/Moose: a Linux Router-based Worm Hungry for Social Networks

A malware family that primarily targets Linux-based consumer routers but that can infect other Linux-based embedded systems in its path: Dissecting Linux/Moose.

Scareware: Fake Minecraft apps Scare Hundreds of Thousands on Google Play

ESET has discovered over 30 scareware apps available for download from the Google Play store. The apps have been installed by more than 600,000 Android users.

CPL Malware in Brazil: somewhere between banking trojans and malicious emails

Not only is Brazil one of the most populated countries in the world, but it is also one of the countries with the highest percentage of Internet users using online banking. The latest research from ESET is now available: CPL Malware in Brazil.

Follow us

Copyright © 2016 ESET, All Rights Reserved.