The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets.
Search results for: "KillDisk"
ESET has discovered a Linux variant of the KillDisk component that renders Linux machines unbootable, while encrypting files and requesting a large ransom at the same time.
ESET's Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in Ukraine's financial sector.
ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks
ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven
Tracing the evolution and subsequent revolution of ransomware
This blogpost reveals many details about the Diskcoder.C (aka ExPetr or NotPetya) outbreak and related information about previously unpublished attacks.
ESET has analyzed a sophisticated and extremely dangerous malware, known as Industroyer, which is designed to disrupt critical industrial processes.
David Harley and Josep Albors on the evolution of tech support scams and why the current high incidence of reports in Spain are significant.
This last month we have seen a new ransomware for Mac. Written in Swift, it is distributed on BitTorrent distribution site as “Patcher” for pirating popular software.
ESET’s Cameron Camp provides valuable insight into what you should do if you're a victim of ransomware.
Robert Lipovsky, a senior malware researcher at ESET, offers his expert insight into the recent discovery of BlackEnergy malware in Ukrainian energy distribution companies.
Highlights from the last seven days in information security include the return of the BlackEnergy trojan and security insights from CES 2016.
The recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.
The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and has made a comeback in 2014, was also active in the year 2015.