ESET Research

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q4 2024 and Q1 2025

ESET researchers uncover a Russia-aligned espionage operation targeting webmail servers via XSS vulnerabilities

ESET researchers analyzed Spellbinder, a lateral movement tool used to perform adversary-in-the-middle attacks

ESET researchers discover new ties between affiliates of RansomHub and of rival gangs Medusa, BianLian, and Play

ESET researchers uncover the toolset used by the FamousSparrow APT group, including two undocumented versions of the group’s signature backdoor, SparrowDoor

ESET researchers detail a global espionage operation by FishMonger, the APT group run by I‑SOON

ESET researchers uncovered MirrorFace activity that expanded beyond its usual focus on Japan and targeted a Central European diplomatic institute with the ANEL backdoor

Big shifts in the infostealer scene, novel attack vector against iOS and Android, and a massive surge in investment scams on social media

ESET researchers analyzed a campaign delivering malware bundled with job interview challenges