Navigating the murky waters of Android banking malware
An interview with ESET malware researcher Lukáš Štefanko about Android banking malware, the topic of his latest white paper
Latest Articles
Attack at email provider wipes out almost two decades’ worth of data
Instead of financial gain or other, more usual, goals, the attacker leaves ‘scorched digital earth’ behind
When love becomes a nightmare: Online dating scams
Roses are red, violets are blue, watch out for these scams or it may happen to you
Why you should choose a pseudonym at Starbucks
Innocently providing your name at your local coffee shop is just an example of how easy it can be for miscreants to cut through the ‘privacy’ of social media accounts
Apple to pay teenager who uncovered FaceTime bug
The decision to award the bug has been welcomed but one security researcher has said that they need to do more to compensate those who find bugs
Week in security with Tony Anscombe
ESET researchers publish their latest findings on a modular Trojan called DanaBot and on a cryptocurrency stealer that takes the form of clipper malware on Google Play.
First clipper malware discovered on Google Play
Cryptocurrency stealers that replace a wallet address in the clipboard are no longer limited to Windows or shady Android app stores
DanaBot updated with new C&C communication
ESET researchers have discovered new versions of the DanaBot Trojan, updated with a more complicated protocol for C&C communication and slight modifications to architecture and campaign IDs
Google rolls out Chrome extension to warn you about compromised logins
The new tool aims to help in an age when billions of login credentials are floating around the internet
European Commission orders recall of children’s smartwatch over privacy concerns
The watch has been found to expose its wearers to a high level of risk of being contacted and monitored by attackers
Houzz discloses data breach, asks some users to reset passwords
Citing an ongoing investigation, the company wouldn’t say how or when the incident occurred
Four new caches of stolen logins put Collection #1 in the shade
The recently discovered tranches of stolen login credentials freely floating around the internet total 2.2 billion records
Week in security with Tony Anscombe
ESET researchers have spotted a large wave of ransomware-spreading spam targeting Russian users. Researchers at ESET have also detected a substantial new wave of the “Love you” malspam campaign, updated to target Japan and spread GandCrab 5.1. Plus FaceTime bug bites Apple
Japan to probe citizens’ IoT devices in the name of security
Smart devices were targeted by more than one-half of cyberattacks detected in the country in 2017
Cybercrime black markets: Dark web services and their prices
A closer look at cybercrime as a service on the dark web
‘We’re coming for you’, global police warn DDoS attack buyers
First closing in on operators, now on users, as the hunt continues and law enforcement in many countries is about to swoop down on people who bought DDoS attacks on WebStresser
“Love you” malspam gets a makeover for massive Japan‑targeted campaign
ESET researchers have detected a substantial new wave of the “Love you” malspam campaign, updated to target Japan and spread GandCrab 5.1
Apple takes Group FaceTime offline after discovery of spying bug
The company is rushing to fix a glitch that may let other iPhone users hear and see you – before you answer the call
Hear me out! Thousands tell UK taxman to wipe their voice IDs
Even so, the database has grown to seven million voiceprints amid a controversy that puts the spotlight on the privacy implications of the collection of biometric information
Russia hit by new wave of ransomware spam
Among the increased number of malicious JavaScript email attachments observed in January 2019, ESET researchers have spotted a large wave of ransomware-spreading spam targeting Russian users