White Papers

87 reports
Read The ManualDownload

Read The Manual

Read The Manual

In this paper, ESET's Matthieu Faou and Jean-Ian Boutin look at Read The Manual (RTM), a new group that has emerged on the international cybercrime scene. They cover the details of their tools, whom they target, and offer a rare glimpse into the type of operation they are carrying out.

En Route with Sednit – Part 3: A Mysterious DownloaderDownload

En Route with Sednit – Part 3: A Mysterious Downloader

En Route with Sednit – Part 3: A Mysterious Downloader

In the third and final part of our whitepaper “En Route with Sednit,” we describe a special downloader named Downdelph.

En Route with Sednit – Part 1: Approaching the targetDownload

En Route with Sednit – Part 1: Approaching the target

En Route with Sednit – Part 1: Approaching the target

In the first part of our whitepaper “En Route with Sednit”, we focus on the methods used by the group to attack its targets, and on who these targets are.

En Route with Sednit – Part 2: Observing the Comings and GoingsDownload

En Route with Sednit – Part 2: Observing the Comings and Goings

En Route with Sednit – Part 2: Observing the Comings and Goings

In the second part of our whitepaper “En Route with Sednit”, we focus on Sednit’s espionage toolkit, which is deployed on targets deemed interesting after a reconnaissance phase (described in the first part of the whitepaper).

En Route with Sednit: Full WhitepaperDownload

En Route with Sednit: Full Whitepaper

En Route with Sednit: Full Whitepaper

The full whitepaper “En Route with Sednit,” compiling parts 1-3.

Windows 10 security and privacy: An in-depth review and analysisDownload

Windows 10 security and privacy: An in-depth review and analysis

Windows 10 security and privacy: An in-depth review and analysis

As Windows 10 nears its one year anniversary, WeLiveSecurity gives an in-depth review of the operating system from a security and privacy perspective.

Visiting the bear Den Presentation for REcon 2016Download

Visiting the bear Den Presentation for REcon 2016

Visiting the bear Den Presentation for REcon 2016

A journey in the land of (Cyber-) espionage - stunning presentation by ESET researchers JoanCalvet, Jessy Campos and Thomas Dupuy.

Operation Groundbait: Analysis of a surveillance toolkitDownload

Operation Groundbait: Analysis of a surveillance toolkit

Operation Groundbait: Analysis of a surveillance toolkit

Operation Groundbait (Russian: Прикормка, Prikormka) is an ongoing cyber-surveillance operation targeting individuals in Ukraine. The group behind this operation has been launching targeted and possibly politically-motivated attacks to spy on individuals.
This paper presents ESET’s findings about Operation Groundbait based on our re- search into the Prikormka malware family.

Operation Buhtrap Presentation for AVAR2015Download

Operation Buhtrap Presentation for AVAR2015

Operation Buhtrap Presentation for AVAR2015

A presentation by Jean-Ian Boutin, Anton Cherepanov and Jan Matušík, detailing Operation Buhtrap.