Analysis of a banking Trojan using a browser extension as its execution method and spreading via spam, then using a Brazilian government server to collect the victim’s stolen information.
A look at Windows 8 during the first six months of its release. Just how well is it holding up, security-wise? The challenges faced by developers in securing Modern Windows and how piracy in the Windows Store might affect BYOD rollouts in the enterprise.
A report devoted to analysis of one of the stealthiest bootkits ever seen in the wild – Win32/Gapz.
Welcome to the Web 2.0 incarnation of the Misinformation Superhighway. Did you really think that hoaxing had died out?
The ‘PokerAgent’ botnet, which we have tracked in 2012, was designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats, presumably with the intention to mug the victims. The threat was mostly active in Israel.
ESET Latin America’s Malware Analysis Lab reviews the year and compiles threat trends for the upcoming season. So how will the 2013 threatscape look like according to the IT security company ESET? It will definitely see major growth of mobile malware and its variants, increased malware propagation via websites, continuing rise of botnets and attacks on the cloud resulting in information leaks.
Analysis of an SMS Trojan found on Android smartphones that is capable of executing SMS premium rate scams in a wide range of countries. ESET researchers in Latin America combine code inspection with investigation of consumer forums to reveal the first threat of the kind targeting Latin American countries, but with implications that are global.
Phishing scams old and new, and some ways to recognize the baited hook before you bite off more than you can chew.
An analysis of the newest and most interesting security features in Windows 8, Microsoft’s newest desktop operating system, as well as how it may be attacked in the future.
The first malware to infect hundreds of thousands of Apple Mac
10000‘s of AutoCAD Designs Leaked in Suspected Industrial Espionage.
ESET Latin America’s Malware Analysis Lab looks at the implications of changes in the threat landscape, focusing in particular on anticipated developments in mobile threats.
An updated version of the paper “Ten Ways to Dodge CyberBullets”, addressing the question “what are the top 10 things that people can do to protect themselves against malicious activity?”
What is a potentially unwanted application (PUA)? This paper gives some examples of “potentially unwanted” and “potentially unsafe” applications, explaining how they differ from out-and-out malware.
This paper consolidates information published By ESET and Group-IB researchers on Russian malware that attacks Russian RBS (Remote Banking Systems) transactions: now updated to version 1.1 to include additional material.
If you know you need to back up your data but you’re not sure how to do it, here’s a practical guide on how to get started.
A comprehensive analysis of Win32/Hodprot, one of the families of malware most used in banking fraud in Russia and its neighbours.
A comprehensive analysis of the TDSS/Olmarik/Alureon family, which has learned some radical new tricks. Updated to include information on a new plugin making radical changes to Olmarik’s botnet.
As if fake anti-virus products weren’t bad enough, nowadays we have unsolicited phone-calls from fake AV helpdesks. ESET researchers tell you pdf about support scams.
Version 1.31 of a comprehensive analysis of the Stuxnet phenomenon, updated to add pointers to additional resources. This is probably the last update of the document, but further relevant resources will be added to a list here.