Lukas Stefanko, Author at WeLiveSecurity

Bio

Lukas Stefanko

Malware Researcher

Education: Masters in Informatic Engineering of the Technical University in Kosice

Highlights of your career? Malware Researcher

Position and history at ESET? Joined ESET as a Malware Researcher in 2011

What malware do you hate the most? Adware and ransomware

Favorite activities? Gym, squash, reading

What is your golden rule for cyberspace? Be reasonably paranoid

Favorite computer game/activity? Elasto Mania

Articles by author

Malware

New Telegram-abusing Android RAT discovered in the wild

Entirely new malware family discovered by ESET researchers

Lukas Stefanko 18 Jun 2018 - 02:58PM

Scams

Android users: Beware these popularity-faking tricks on Google Play

Tricksters have been misleading users about the functionality of apps by displaying bogus download numbers

Lukas Stefanko 11 Jun 2018 - 02:58PM

Malware

Beware ad slingers thinly disguised as security apps

ESET researchers have analyzed a newly discovered set of apps on Google Play, Google's official Android app store, that pose as security applications. Instead of security, all they provide is unwanted ads and ineffective pseudo-security.

Lukas Stefanko 5 Apr 2018 - 04:01PM

Scams

Pingu Cleans Up: Subscription scam on Google Play

The game was uploaded to Google Play and attempted to trick users into unwittingly signing up for a weekly paid subscription

Lukas Stefanko 29 Mar 2018 - 02:58PM

Cryptocurrency

Cryptocurrency scams on Android: do you know what to watch out for?

The recent rise in cryptocurrency scams appearing on the Android platform in disguise has shown that such incidents are not exclusive to PCs and also highlight the importance of knowing what to look out for so you do not unintentionally take part.

Lukas Stefanko 28 Feb 2018 - 09:58AM

Malware

Banking malware on Google Play targets Polish banks

Besides delivering the promised functionalities, the malicious apps can display fake notifications and login forms seemingly coming from legitimate banking applications, harvest credentials entered into the fake forms, as well as intercept text messages to bypass SMS-based 2-factor authentication.

Lukas Stefanko 11 Dec 2017 - 02:58PM

Malware

New campaigns spread banking malware through Google Play

For a user, it can be difficult to figure out whether an app is malicious. First off it is always good only to install applications from the Google Play store, since most malware is still mainly spread through alternative stores.

Lukas Stefanko 21 Nov 2017 - 02:55PM

Malware

Multi-stage malware sneaks into Google Play

In all the cases we investigated, the final payload was a mobile banking trojan. Once installed, it behaves like a typical malicious app of this kind: it may present the user with fake login forms to steal credentials or credit card details.

Lukas Stefanko 15 Nov 2017 - 02:58PM

Cryptocurrency

Fake cryptocurrency trading apps on Google Play

With all the hype around cryptocurrencies, cybercriminals are trying to grab whatever new opportunity they can – be it hijacking users’ computing power to mine cryptocurrencies via browsers or by compromising unpatched machines, or various scam schemes utilizing phishing websites and fake apps.

Lukas Stefanko 23 Oct 2017 - 02:56PM

Trojan

BankBot trojan returns to Google Play with new tricks

The Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again and contains new tricks designed to get access to the private banking information of the user.

Lukas Stefanko 25 Sep 2017 - 02:54PM

Malware

Turn the light on and give me your passwords!

ESET researchers have discovered another banking trojan on Google Play targeting Android users – this time disguised as a Flashlight widget.

Lukas Stefanko 19 Apr 2017 - 02:00PM

Scams

Real or virtual currency? Scammers accept both

ESET researchers have discovered and reported scammers stealing PayPal and Paxful credentials disguised as a tool for YouTube monetization, and a bitcoin trading marketplace.

Lukas Stefanko 13 Apr 2017 - 02:00PM

Scams

If you download Minecraft mods from Google Play, read on …

ESET researchers have discovered 87 malicious apps on Google Play disguised as mods for Minecraft.

Lukas Stefanko 23 Mar 2017 - 02:00PM

Google

New Instagram credential stealers discovered on Google Play

ESET researchers discovered 13 new Instagram credential stealers on Google play and looked into the motivations behind their fraudulent schemes.

Lukas Stefanko 9 Mar 2017 - 02:00PM

Google

Aggressive ad-displaying Google Play app tricks users into leaving high ratings

ESET researchers have observed an increased number of apps on Google Play using social engineering techniques to boost their ratings, ranging from legitimate apps, through adware to malware.

Lukas Stefanko 8 Mar 2017 - 02:00PM

Ransomware

Talking Android ransomware extorts victims

Talking Android ransomware sounds like something out of a science fiction movie. It's not - it's very real, explains ESET's Lukas Stefanko.

Lukas Stefanko 1 Mar 2017 - 11:00AM

Malware

Released Android malware source code used to run a banking botnet

ESET researchers have discovered a new variant of botnet-forming Android banking malware based on source code made public a couple of months ago.

Lukas Stefanko 23 Feb 2017 - 02:00PM

Malware

Sunny with a chance of stolen credentials: Malicious weather app found on Google Play

ESET has spotted a new banking malware on Google Play. Disguised as a weather forecast app, it steals banking credentials and locks screens.

Lukas Stefanko 22 Feb 2017 - 03:00PM

Android

New Android trojan mimics user clicks to download dangerous malware

Android users are exposed to a new malicious app imitating Adobe Flash Player and serving as an entrance gate for potentially any kind of dangerous malware

Lukas Stefanko 14 Feb 2017 - 02:00PM

Android

Fake Prisma apps found on Google Play

ESET researchers have discovered fake Prisma apps of different types, including several dangerous trojan downloaders. The Google Play security team has since removed them.

Lukas Stefanko 3 Aug 2016 - 01:34PM

12 Next