HermeticWiper: New data‑wiping malware hits Ukraine
Hundreds of computers in Ukraine compromised just hours after a wave of DDoS attacks brings down a number of Ukrainian websites
Ukraine Crisis – Digital Security Resource Center
GreyEnergy: Updated arsenal of one of the most dangerous threat actors
ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks
New TeleBots backdoor: First evidence linking Industroyer to NotPetya
ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven
Analysis of TeleBots’ cunning backdoor
This article reveals details about the initial infection vector that was used during the DiskCoder.C outbreak.
TeleBots are back: Supply‑chain attacks against Ukraine
This blogpost reveals many details about the Diskcoder.C (aka ExPetr or NotPetya) outbreak and related information about previously unpublished attacks.
New WannaCryptor‑like ransomware attack hits globally: All you need to know
Numerous reports are coming out on social media about a new ransomware attack in Ukraine, which could be related to the Petya family.
Industroyer: ICS protocols were developed decades ago with no security in mind
Senior ESET malware researcher Robert Lipovsky discusses Industroyer, the biggest threat to Industrial Control Systems (ICS) since Stuxnet.
Industroyer: Biggest threat to industrial control systems since Stuxnet
ESET has analyzed a sophisticated and extremely dangerous malware, known as Industroyer, which is designed to disrupt critical industrial processes.
Operation Groundbait: Espionage in Ukrainian war zones
After BlackEnergy and Operation Potao Express, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.
BlackEnergy and the Ukrainian power outage: What we really know
Robert Lipovsky, a senior malware researcher at ESET, offers his expert insight into the recent discovery of BlackEnergy malware in Ukrainian energy distribution companies.
BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry
The recent attacks on the electrical power industry in Ukraine are connected to attacks on the media and to targeted cyber-espionage attacks against Ukrainian governmental agencies.
Operation Potao Express: Analysis of a cyber‑espionage toolkit
Operation Patao Express – Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data.
Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland
State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.