Beyond KrØØk: Even more Wi‑Fi chips vulnerable to eavesdropping
At Black Hat USA 2020, ESET researchers delved into details about the KrØØk vulnerability in Wi-Fi chips and revealed that similar bugs affect more chip brands than previously thought
Education? Master’s Degree in Computer Science from the Slovak University of Technology in Bratislava
Highlights of your career? Giving presentations at several security conferences, including EICAR, CARO, and Virus Bulletin.
Position and history at ESET? Malware Researcher since 2007, currently holds the position Security Intelligence Team Lead.
What malware do you hate the most? Grayware/PUAs – when malware authors complain about detection and try to convince you they’re not malware.
Favorite activities? Snowboarding, listening to music, playing guitar…
What is your golden rule for cyberspace? Be reasonably paranoid..
When did you get your first computer and what kind was it? During primary school. It was an Intel 8088 palmtop, used it for programming in GW-BASIC
Favorite computer game/activity? Project I.G.I.
At Black Hat USA 2020, ESET researchers delved into details about the KrØØk vulnerability in Wi-Fi chips and revealed that similar bugs affect more chip brands than previously thought
Miloš Čermák and Robert LipovskyESET researchers uncover a previously unknown security flaw allowing an adversary to decrypt some wireless network packets transmitted by vulnerable devices
Miloš Čermák and Robert LipovskyESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks
Anton Cherepanov and Robert LipovskyESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven
Anton Cherepanov and Robert LipovskyTo help malware analysts and security researchers overcome FinFisher’s advanced anti-disassembly obfuscation and virtualization features, ESET researchers have framed some clever tricks into a whitepaper, “ESET’s guide to deobfuscating and devirtualizing FinFisher”.
Robert Lipovsky and Filip KafkaSeven years after Stuxnet first came to light, industrial systems security once again in the spotlight, reports ESET's Robert Lipovsky.
Robert LipovskyESET has analyzed a sophisticated and extremely dangerous malware, known as Industroyer, which is designed to disrupt critical industrial processes.
Anton Cherepanov and Robert LipovskyESET has discovered a Linux variant of the KillDisk component that renders Linux machines unbootable, while encrypting files and requesting a large ransom at the same time.
Robert Lipovsky and Peter KálnaiAfter BlackEnergy and Operation Potao Express, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.
Robert Lipovsky and Anton CherepanovLock-screen types and file-encrypting “crypto-ransomware”, both of which have been causing major financial and data losses for many years, have made their way to the Android platform. ESET has prepared a topical white paper on the growth of this insidious Android malware.
Robert Lipovsky and Lukas StefankoESET has discovered a new wave of cyberattacks attacks against Ukraine's electric power industry. Interesting, the malware that was used is not BlackEnergy.
Robert LipovskyThe recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.
Robert Lipovsky and Anton CherepanovEvery now and again, ESET comes across an attack that "stands out". Odlanor malware fits that bill - this unique trojan targets players of online poker.
Robert LipovskyOperation Patao Express – Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data.
Robert Lipovsky and Anton CherepanovOver 500,000 Android users targeted by phishing apps harvesting their Facebook credentials. ESET detects these trojans as Android/Spy.Feabme.A.
Robert Lipovsky and Lukas StefankoWin32/VirLock is ransomware that locks victims’ screens but also acts as parasitic virus, infecting existing files on their computers. The virus is also polymorphic, which makes it an interesting piece of malware to analyze. This is the first time such combination of malware features has been observed.
Robert LipovskyAfter taking a look at recent Korplug (PlugX) detections, we identified two larger scale campaigns employing this well-known Remote Access Trojan. This blog gives an overview of the first one
Robert LipovskyIn this post we provide additional information on how a specially crafted PowerPoint slideshow file (.PPSX) led to the execution of a BlackEnergy dropper.
Robert LipovskyState organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.
Robert LipovskyOne of the most important pieces of advice we give Android users is to refrain from downloading applications from dubious sources and to stick to the official Google Play store, where malware does show up from time to time but is much better controlled, thanks to the Google Bouncer, than on alternative app stores.
Robert LipovskyLast weekend saw the (somewhat anticipated) discovery of an interesting mobile trojan – the first spotting of a file-encrypting ransomware for Android by our detection engineers.
Robert LipovskyLast month we discovered filecoder malware which called itself “Cryptolocker 2.0”. Naturally, we wondered if this is a newer version of the widespread ransomware from the creators of the first. We look at the details that hint that it might have been created by some other, unknown, cybercrime gang.
Robert LipovskyTrojans that encrypt user files and try to extort a ransom from the victim in exchange for a decryptor utility are nothing new. We’ve noted a significant increase in Filecoder activity over the past few summer months - in this blog post we address the questions we’re getting about this issue.
Robert Lipovsky