Lukas Stefanko

Bio

Malware Researcher

Education: Masters in Informatic Engineering of the Technical University in Kosice

Highlights of your career? Malware Researcher

Position and history at ESET? Joined ESET as a Malware Researcher in 2011

What malware do you hate the most? Adware and ransomware

Favorite activities? Gym, squash, reading

What is your golden rule for cyberspace? Be reasonably paranoid

Favorite computer game/activity? Elasto Mania

Articles by author

Malware

Some URL shortener services distribute Android malware, including banking or SMS trojans

On iOS we have seen link shortener services pushing spam calendar files to victims’ devices.

Lukas Stefanko 20 Jul 2021 - 02:00PM

Mobile Security

Android stalkerware threatens victims further and exposes snoopers themselves

ESET research reveals that common Android stalkerware apps are riddled with vulnerabilities that further jeopardize victims and expose the privacy and security of the snoopers themselves

Lukas Stefanko 17 May 2021 - 11:30AM

Malware

APT‑C‑23 group evolves its Android spyware

ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East

Lukas Stefanko 30 Sep 2020 - 11:30AM

Malware

Welcome Chat as a secure messaging app? Nothing could be further from the truth

ESET research uncovers a malicious operation that both spies on victims and leaks their data

Lukas Stefanko 14 Jul 2020 - 11:30AM

Malware

New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor

ESET researchers dissect an Android app that masquerades as an official COVID-19 contact-tracing app and encrypts files on the victim's device

Lukas Stefanko 24 Jun 2020 - 12:36AM

Malware

Insidious Android malware gives up all malicious features but one to gain stealth

ESET researchers detect a new way of misusing Accessibility Service, the Achilles’ heel of Android security

Lukas Stefanko 22 May 2020 - 03:00PM

Malware

Breaking news? App promises news feeds, brings DDoS attacks instead

After being targeted by an Android DDoS app, ESET seized the opportunity to analyze the attack and to help put an end to it

Lukas Stefanko 11 May 2020 - 03:15PM

Malware

Tracking down the developer of Android adware affecting millions of users

ESET researchers discovered a year-long adware campaign on Google Play and tracked down its operator. The apps involved, installed eight million times, use several tricks for stealth and persistence.

Lukas Stefanko 24 Oct 2019 - 11:30AM

Malware

First‑of‑its‑kind spyware sneaks into Google Play

ESET analysis breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice

Lukas Stefanko 22 Aug 2019 - 11:30AM

Ransomware

Android ransomware is back

ESET researchers discover a new Android ransomware family that attempts to spread to victims’ contacts and deploys some unusual tricks

Lukas Stefanko 29 Jul 2019 - 04:35PM

Scams

With FaceApp in the spotlight, new scams emerge

ESET researchers discover fraudulent schemes piggybacking on the popularity of the face-modifying tool FaceApp, using a fake “Pro” version of the application as a lure

Lukas Stefanko 19 Jul 2019 - 11:30AM

Malware

Malware sidesteps Google permissions policy with new 2FA bypass technique

ESET analysis uncovers a novel technique bypassing SMS-based two-factor authentication while circumventing Google’s recent SMS permissions restrictions

Lukas Stefanko 17 Jun 2019 - 11:30AM

Malware

Fake cryptocurrency apps crop up on Google Play as bitcoin price rises

ESET researchers have analyzed fake cryptocurrency wallets emerging on Google Play at the time of bitcoin’s renewed growth

Lukas Stefanko 23 May 2019 - 11:30AM

Malware

Navigating the murky waters of Android banking malware

An interview with ESET malware researcher Lukáš Štefanko about Android banking malware, the topic of his latest white paper

Lukas Stefanko 15 Feb 2019 - 11:28AM

Cryptocurrency

First clipper malware discovered on Google Play

Cryptocurrency stealers that replace a wallet address in the clipboard are no longer limited to Windows or shady Android app stores

Lukas Stefanko 8 Feb 2019 - 11:58AM

Android

Android Trojan steals money from PayPal accounts even with 2FA on

ESET researchers discovered a new Android Trojan using a novel Accessibility-abusing technique that targets the official PayPal app, and is capable of bypassing PayPal’s two-factor authentication

Lukas Stefanko 11 Dec 2018 - 02:57PM

iOS