ESET Research goes to RSA Conference 2021 with two presentations
We will explore two threats – Android stalkerware and XP exploits
ESET Research
Ousaban: Private photo collection hidden in a CABinet
Another in our occasional series demystifying Latin American banking trojans
(Are you) afreight of the dark? Watch out for Vyveva, new Lazarus backdoor
ESET researchers discover a new Lazarus backdoor deployed against a freight logistics firm in South Africa
Janeleiro, the time traveler: A new old banking trojan in Brazil
ESET Research uncovers a new threat that targets organizations operating in various sectors in Brazil
Exchange servers under siege from at least 10 APT groups
ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world
Kobalos – A complex Linux threat to high performance computing infrastructure
ESET researchers publish a white paper about unique multiplatform malware they’ve named Kobalos
Operation NightScout: Supply‑chain attack targets online gaming in Asia
ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia
Vadokrist: A wolf in sheep’s clothing
Another in our occasional series demystifying Latin American banking trojans
Operation Spalax: Targeted malware attacks in Colombia
ESET researchers uncover attacks targeting Colombian government institutions and private companies, especially from the energy and metallurgical industries
Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.
Operation StealthyTrident: corporate software under attack
LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack
Turla Crutch: Keeping the “back door” open
ESET researchers discover a new backdoor used by Turla to exfiltrate stolen documents to Dropbox
Lazarus supply‑chain attack in South Korea
ESET researchers uncover a novel Lazarus supply-chain attack leveraging WIZVERA VeraPort software
Hungry for data, ModPipe backdoor hits POS software used in hospitality sector
Backdoor authors show deep knowledge of the targeted POS software, decrypting database passwords from Windows registry values
ESET takes part in global operation to disrupt Trickbot
Throughout its monitoring, ESET analyzed thousands of malicious samples every month to help this effort
XDSpy: Stealing government secrets since 2011
ESET researchers uncover a new APT group that has been stealing sensitive documents from several governments in Eastern Europe and the Balkans since 2011
LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs
ESET researchers discover surprisingly many indicators of close cooperation among Latin American banking trojans’ authors
APT‑C‑23 group evolves its Android spyware
ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East
Who is calling? CDRThief targets Linux VoIP softswitches
ESET researchers have discovered and analyzed malware that targets Voice over IP (VoIP) softswitches
KryptoCibule: The multitasking multicurrency cryptostealer
ESET researchers analyze a previously undocumented trojan that is spread via malicious torrents and uses multiple tricks to squeeze cryptocoins from its victims while staying under the radar