Book of Eli: African targeted attacks
ESET's latest research analyzes a piece of malware active since 2012, but which has targeted one specific country – Libya.
Malware
OSX/Keydnap spreads via signed Transmission application
During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.
Nemucod serves nasty package: Ransomware and ad-clickers
The operators of the notorious trojan downloader Nemucod seem to have stepped up their game, serving their victims with ransomware and ad-clickers.
Nemucod now spreading banking trojans in Brazil
On the morning of Friday August 12th, ESET researchers noticed a huge outbreak of a new Spy.Banker variant, detected as Spy.Banker.ADEA. It happened at around 12pm CET.
QuadRooter: Unfortunately, you can’t have it patched for now
ESET researchers have spotted fake patch apps for Android – probably the first ever malicious mobile apps masquerading as a patch for a recently discovered vulnerability.
Nemucod is back and serving an ad-clicking backdoor instead of ransomware
The trojan downloader Nemucod is back with a new campaign. However, it has changed the payload served to its victims – ransomware is not its go-to malware.
Fake Prisma apps found on Google Play
ESET researchers have discovered fake Prisma apps of different types, including several dangerous trojan downloaders. The Google Play security team has since removed them.
Flashback Friday: The Melissa virus
In 1999, David L. Smith launched the Melissa virus. Within a few hours, it had infected thousands of computers. We take a look back at its impact.
Nymaim rides again in 2016 and reaches Brazil
During the first half of this year, ESET has observed an increase in the number of detections of Nymaim, a long-known malware family whose prevalence has fallen markedly since 2014.
Over 1000 Wendy’s restaurants hacked – customers’ credit card details stolen
Fast food giant Wendy's says that it now believes that more than 1000 of its restaurants across the United States have fallen victim to a hacking gang, who used malware to steal customers' credit and debit card information.
New OSX/Keydnap malware is hungry for credentials
For the last few weeks, ESET has been investigating OSX/Keydnap, a malware that steals the content of the keychain while maintaining a permanent backdoor.
Espionage toolkit targeting Central and Eastern Europe uncovered
Over the course of the last year, ESET has detected and analyzed several instances of malware used for targeted espionage – dubbed SBDH toolkit.
Malicious scripts in compromised websites and how to protect yourself
Some of the most dangerous vectors used by cybercriminals are those that involve scripts, since they are difficult for users to detect, says Josep Albors.
Nemucod ups its game
The creators of Nemucod, the code responsible for downloading and executing malware like Locky, have been hard at work polishing their code.
Infrastructure attacks: The next generation
ESET's David Harley revisits the Stuxnet phenomenon: How has the way we see the malware and its impact changed?
Another malware wave hits Europe, mainly downloading Locky ransomware
ESET LiveGrid® telemetry shows a spike in detections of the JS/Danger.ScriptAttachment malware in several European countries.
Another Eurovision contestant? Even malware can ‘perform music’
In contrast to the Eurovision contestants, malware writers try to make their creations as stealthy as possible. But thanks to unique behavior and sometimes even unintended showmanship of their malicious code, they end up in the limelight.
FBI: No, you shouldn’t pay ransomware extortionists
The FBI has published a list of tips to reduce the chance of ransomware being the ruin of your company - and is keen that you don't pay the extortionists.
Ransomware and the Internet of Things
A report from the Institute for Critical Infrastructure Technology warns that ransomware could be hitting more than just your regular computer in future...
Dorkbot: 5 years since detection
In the half-decade that has lapsed since Dorkbot was first identified, millions of innocent victims, going about their everyday business, have been affected in over 190 countries. It has, quite literally, wormed its malicious way into computer systems throughout the world.