Lukas Stefanko

Lukas Stefanko

Malware Researcher


Education: Masters in Informatic Engineering of the Technical University in Kosice

Highlights of your career? Malware Researcher

Position and history at ESET? Joined ESET as a Malware Researcher in 2011

What malware do you hate the most? Adware and ransomware

Favorite activities? Gym, squash, reading

What is your golden rule for cyberspace? Be reasonably paranoid

Favorite computer game/activity? Elasto Mania


74 articles by Lukas Stefanko

Android GravityRAT goes after WhatsApp backups

Android GravityRAT goes after WhatsApp backups

Android GravityRAT goes after WhatsApp backups

ESET researchers analyzed an updated version of Android GravityRAT spyware that steals WhatsApp backup files and can receive commands to delete files

Lukas Stefanko15 Jun 20237 min. read


Android app breaking bad: From legitimate screen recording to file exfiltration within a year

Android app breaking bad: From legitimate screen recording to file exfiltration within a year

Android app breaking bad: From legitimate screen recording to file exfiltration within a year

ESET researchers discover AhRat – a new Android RAT based on AhMyth – that exfiltrates files and records audio

Lukas Stefanko23 May 20237 min. read


Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets

Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets

Not-so-private messaging: Trojanized WhatsApp and Telegram apps go after cryptocurrency wallets

ESET researchers analyzed Android and Windows clippers that can tamper with instant messages and use OCR to steal cryptocurrency funds

Lukas Stefanko and Peter Strýček16 Mar 202317 min. read


Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials

Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials

Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials

ESET researchers analyze a cyberespionage campaign that distributes CapraRAT backdoors through trojanized and supposedly secure Android messaging apps – but also exfiltrates sensitive information

Lukas Stefanko07 Mar 20236 min. read


StrongPity espionage campaign targeting Android users

StrongPity espionage campaign targeting Android users

StrongPity espionage campaign targeting Android users

ESET researchers identified an active StrongPity campaign distributing a trojanized version of the Android Telegram app, presented as the Shagle app – a video-chat service that has no app version

Lukas Stefanko10 Jan 202311 min. read


Bahamut cybermercenary group targets Android users with fake VPN apps

Bahamut cybermercenary group targets Android users with fake VPN apps

Bahamut cybermercenary group targets Android users with fake VPN apps

Malicious apps used in this active campaign exfiltrate contacts, SMS messages, recorded phone calls, and even chat messages from apps such as Signal, Viber, and Telegram

Lukas Stefanko23 Nov 20229 min. read


Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

Domestic Kitten campaign spying on Iranian citizens with new FurBall malware

APT-C-50’s Domestic Kitten campaign continues, targeting Iranian citizens with a new version of the FurBall malware masquerading as an Android translation app

Lukas Stefanko20 Oct 20226 min. read


3 most dangerous types of Android malware

3 most dangerous types of Android malware

3 most dangerous types of Android malware

Here's what you should know about some of the nastiest mobile malware around – from malicious software that takes phones and data hostage to RATs that allow hackers to control devices remotely

Lukas Stefanko04 May 20221 min. read


Fake e-shops on the prowl for banking credentials using Android malware

Fake e-shops on the prowl for banking credentials using Android malware

Fake e-shops on the prowl for banking credentials using Android malware

ESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks

Lukas Stefanko06 Apr 20226 min. read