Linux/Moose: Still breathing
For the past year, ESET and the security firm GoSecure combined their skills in order to research Linux/Moose further. Here's some of what was uncovered.
Malware
A history of mobile malware from Cabir to SMS Thief
As we continue to do more things with our smartphones, the threat posed by mobile malware increases. Here's a short history of its development.
Trick or threat? How zombie IoT devices surprised the internet
It seems the current DDoS tactics from cybercriminals is to gain control over millions of IoT devices and direct their power towards any target they choose.
Lifting the lid on Sednit: A closer look at the software it uses
ESET's threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.
New ESET research paper puts Sednit under the microscope
Security researchers at ESET have released their latest research into the notorious and highly experienced Sednit cyberespionage group.
Flashback Friday: SQL Slammer
Within a few hours of being released in the winter of 2003, SQL Slammer had brought the internet to something of a standstill. We look back at this notable worm.
Book of Eli: African targeted attacks
ESET's latest research analyzes a piece of malware active since 2012, but which has targeted one specific country – Libya.
OSX/Keydnap spreads via signed Transmission application
During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.
Nemucod serves nasty package: Ransomware and ad-clickers
The operators of the notorious trojan downloader Nemucod seem to have stepped up their game, serving their victims with ransomware and ad-clickers.
Nemucod now spreading banking trojans in Brazil
On the morning of Friday August 12th, ESET researchers noticed a huge outbreak of a new Spy.Banker variant, detected as Spy.Banker.ADEA. It happened at around 12pm CET.
QuadRooter: Unfortunately, you can’t have it patched for now
ESET researchers have spotted fake patch apps for Android – probably the first ever malicious mobile apps masquerading as a patch for a recently discovered vulnerability.
Nemucod is back and serving an ad-clicking backdoor instead of ransomware
The trojan downloader Nemucod is back with a new campaign. However, it has changed the payload served to its victims – ransomware is not its go-to malware.
Fake Prisma apps found on Google Play
ESET researchers have discovered fake Prisma apps of different types, including several dangerous trojan downloaders. The Google Play security team has since removed them.
Flashback Friday: The Melissa virus
In 1999, David L. Smith launched the Melissa virus. Within a few hours, it had infected thousands of computers. We take a look back at its impact.
Nymaim rides again in 2016 and reaches Brazil
During the first half of this year, ESET has observed an increase in the number of detections of Nymaim, a long-known malware family whose prevalence has fallen markedly since 2014.
Over 1000 Wendy’s restaurants hacked – customers’ credit card details stolen
Fast food giant Wendy's says that it now believes that more than 1000 of its restaurants across the United States have fallen victim to a hacking gang, who used malware to steal customers' credit and debit card information.
New OSX/Keydnap malware is hungry for credentials
For the last few weeks, ESET has been investigating OSX/Keydnap, a malware that steals the content of the keychain while maintaining a permanent backdoor.
Espionage toolkit targeting Central and Eastern Europe uncovered
Over the course of the last year, ESET has detected and analyzed several instances of malware used for targeted espionage – dubbed SBDH toolkit.
Malicious scripts in compromised websites and how to protect yourself
Some of the most dangerous vectors used by cybercriminals are those that involve scripts, since they are difficult for users to detect, says Josep Albors.
Nemucod ups its game
The creators of Nemucod, the code responsible for downloading and executing malware like Locky, have been hard at work polishing their code.