Android app breaking bad: From legitimate screen recording to file exfiltration within a year
ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio
Education: Masters in Informatic Engineering of the Technical University in Kosice
Highlights of your career? Malware Researcher
Position and history at ESET? Joined ESET as a Malware Researcher in 2011
What malware do you hate the most? Adware and ransomware
Favorite activities? Gym, squash, reading
What is your golden rule for cyberspace? Be reasonably paranoid
Favorite computer game/activity? Elasto Mania
ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio
Lukas StefankoESET researchers analyzed Android and Windows clippers that can tamper with instant messages and use OCR to steal cryptocurrency funds
Lukas Stefanko and Peter StrýčekESET researchers analyze a cyberespionage campaign that distributes CapraRAT backdoors through trojanized and supposedly secure Android messaging apps – but also exfiltrates sensitive information
Lukas StefankoESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version
Lukas StefankoMalicious apps used in this active campaign exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as Signal, Viber, and Telegram
Lukas StefankoAPT-C-50’s Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware masquerading as an Android translation app
Lukas StefankoHere's what you should know about some of the nastiest mobile malware around – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely
Lukas StefankoESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks
Lukas StefankoESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets
Lukas StefankoESET researchers have investigated a mobile espionage campaign that targets the Kurdish ethnic group and has been active since at least March 2020
Lukas StefankoOn iOS we have seen link shortener services pushing spam calendar files to victims’ devices.
Lukas StefankoESET research reveals that common Android stalkerware apps are riddled with vulnerabilities that further jeopardize victims and expose the privacy and security of the snoopers themselves
Lukas StefankoESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East
Lukas StefankoESET research uncovers a malicious operation that both spies on victims and leaks their data
Lukas StefankoESET researchers dissect an Android app that masquerades as an official COVID-19 contact-tracing app and encrypts files on the victim's device
Lukas StefankoESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security
Lukas StefankoAfter being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it
Lukas StefankoESET researchers discovered a year-long adware campaign on Google Play and tracked down its operator. The apps involved, installed eight million times, use several tricks for stealth and persistence.
Lukas StefankoESET analysis breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice
Lukas StefankoESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks
Lukas Stefanko