Janeleiro, the time traveler: A new old banking trojan in Brazil
ESET Research uncovers a new threat that targets organizations operating in various sectors in Brazil
Malware
Backdoor added to PHP source code in Git server breach
Had the incident gone unnoticed, the attackers could have taken over websites using the tainted code
Exchange servers under siege from at least 10 APT groups
ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world
Cybersecurity risks and challenges facing the financial industry
A primer on various threats looming over financial companies and the steps that these organizations can take to counter them
Malware authors already taking aim at Apple M1 Macs
The first instance of malicious code native to Apple Silicon M1 Macs emerged a month after the release of devices equipped with the company’s in-house CPUs
Kobalos – A complex Linux threat to high performance computing infrastructure
ESET researchers publish a white paper about unique multiplatform malware they’ve named Kobalos
Operation NightScout: Supply‑chain attack targets online gaming in Asia
ESET researchers uncover a supply-chain attack used in a cyberespionage operation targeting online‑gaming communities in Asia
Emotet botnet disrupted in global operation
The law enforcement action is one of the most significant operations against cybercriminal enterprises ever
Vadokrist: A wolf in sheep’s clothing
Another in our occasional series demystifying Latin American banking trojans
Operation Spalax: Targeted malware attacks in Colombia
ESET researchers uncover attacks targeting Colombian government institutions and private companies, especially from the energy and metallurgical industries
7 ways malware can get into your device
You know that malware is bad, but are you also aware of the various common ways in which it can infiltrate your devices?
Operation SignSight: Supply‑chain attack against a certification authority in Southeast Asia
ESET researchers have uncovered a supply-chain attack on the website of a government in Southeast Asia.
Operation StealthyTrident: corporate software under attack
LuckyMouse, TA428, HyperBro, Tmanger and ShadowPad linked in Mongolian supply-chain attack
Turla Crutch: Keeping the “back door” open
ESET researchers discover a new backdoor used by Turla to exfiltrate stolen documents to Dropbox
Lazarus supply‑chain attack in South Korea
ESET researchers uncover a novel Lazarus supply-chain attack leveraging WIZVERA VeraPort software
Hungry for data, ModPipe backdoor hits POS software used in hospitality sector
Backdoor authors show deep knowledge of the targeted POS software, decrypting database passwords from Windows registry values
ESET takes part in global operation to disrupt Trickbot
Throughout its monitoring, ESET analyzed thousands of malicious samples every month to help this effort
XDSpy: Stealing government secrets since 2011
ESET researchers uncover a new APT group that has been stealing sensitive documents from several governments in Eastern Europe and the Balkans since 2011
LATAM financial cybercrime: Competitors‑in‑crime sharing TTPs
ESET researchers discover surprisingly many indicators of close cooperation among Latin American banking trojans’ authors
APT‑C‑23 group evolves its Android spyware
ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East