Emotet launches major new spam campaign
The recent spike in Emotet activity shows that it remains an active threat
Bio
ESET Research
Articles by author
LoJax: First UEFI rootkit found in the wild, courtesy of the Sednit group
ESET researchers have shown that the Sednit operators used different components of the LoJax malware to target a few government organizations in the Balkans as well as in Central and Eastern Europe
DanaBot shifts its targeting to Europe, adds new features
ESET researchers have discovered new DanaBot campaigns targeting a number of European countries
Turla Mosquito: A shift towards more generic tools
ESET researchers have observed a significant change in the campaign of the infamous espionage group
Sednit update: Analysis of Zebrocy
Zebrocy heavily used by the Sednit group over last two years
Sednit update: How Fancy Bear Spent the Year
Over the past few years the Sednit group has used various techniques to deploy their various components on targets computers. The attack usually starts with an email containing either a malicious link or malicious attachment.
OSX/Proton spreading again through supply-chain attack
Our researchers noticed that the makers of the Elmedia Player software have been distributing a version of their app trojanized with the OSX/Proton malware.
DoubleLocker: Innovative Android Ransomware
DoubleLocker can change the device’s PIN, preventing victims from accessing their devices, and also encrypts the data it finds in them - a combination that has not been seen previously in the Android ecosystem.
Mid-year review: Have our security trends for 2017 become reality?
We are halfway through the year and it is a good opportunity to analyze the extent to which the ideas we gathered in the Trends 2017: Security Held Ransom report have come true.
Sednit adds two zero-day exploits using ‘Trump’s attack on Syria’ as a decoy
Sednit is back - this time with two more zero-day exploits embedded in a phishing email titled Trump's_Attack_on_Syria_English.docx.
Linux Shishiga malware using LUA scripts
The usage of the BitTorrent protocol and Lua modules separates Linux/Shishiga from other types of malware, according to analysis by ESET.
Sathurbot: Distributed WordPress password attack
This article sheds light on the current ecosystem of the Sathurbot backdoor trojan, in particular exposing its use of torrents as a delivery medium and its distributed brute-forcing of weak WordPress administrator accounts.
Carbon Paper: Peering into Turla’s second stage backdoor
The Turla espionage group has been targeting various institutions for many years. Recently, ESET found several new versions of Carbon.
Readers of popular websites targeted by stealthy Stegano exploit kit hiding in pixels of malicious ads
Millions of readers who visit popular news websites have been targeted by a series of malicious ads redirecting them to the Stegano exploit kit.
Cybercriminals target Brazilian routers with default credentials
Criminals are hunting for routers with default credentials and with vulnerabilities in their firmware, with Brazilians the main target.
OSX/Keydnap spreads via signed Transmission application
During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.
Windows exploitation in 2015
Hacking Team exploits and new security features in Google Chrome and Microsoft Edge are just a few of the highlights of ESET's annual Windows exploitation in 2015 report.
ESET predictions and trends for cybercrime in 2016
It’s that time of the year when the information security industry takes part in its annual tradition: coming up with cybercrime predictions and trends for the next 12 months.
Sednit APT Group Meets Hacking Team
The infamous Sednit espionage group is currently using the Hacking Team exploits disclosed earlier this week to target eastern European institutions.
Windows exploitation in 2014
Today, we published our research about Windows exploitation in 2014. This report contains interesting information about vulnerabilities in Microsoft Windows and Office patched over the course of the year, drive-by download attacks and mitigation techniques.
Imitation is not always the sincerest form of flattery
Since its release in 2007, ESET Smart Security has received many accolades for its antimalware, antispam and firewall functions. However, we have recently been the recipient of a very dubious honor; a rogue antivirus program which masquerades as our own software. The Rogues Gallery Rogue antivirus is a loose family of programs that claim to