ESET researchers have analyzed remote access tools cybercriminals have been using in an ongoing espionage campaign to systematically spy on Ukrainian government institutions and exfiltrate data from their systems
Research: Expert content, for researchers by researchers
Website altered to serve a malware-tainted version of otherwise legitimate software with the global event in Russia acting as a smokescreen
D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan
Entirely new malware family discovered by ESET researchers
Adidas “prize” used as bait in attempt to lure people into biting
Tricksters have been misleading users about the functionality of apps by displaying bogus download numbers
Hunting for secrets from high-profile targets while staying in the shadows
ESET researchers have discovered a piece of banking malware that employs a new technique to bypass dedicated browser protection measures
ESET researchers have observed a significant change in the campaign of the infamous espionage group
Double zero-day vulnerabilities fused into one. A mysterious sample enables attackers to execute arbitrary code with the highest privileges on intended targets
The infamous outbreak may no longer be causing mayhem worldwide but the threat that enabled it is still very much alive and posing a major threat to unpatched and unprotected systems
It’s tax season in Canada and scammers are using fake tax refund forms to lure victims into supplying their personal information via phishing pages
Zebrocy heavily used by the Sednit group over the last two years
ESET researchers have analyzed a newly discovered set of apps on Google Play, Google's official Android app store, that pose as security applications. Instead of security, all they provide is unwanted ads and ineffective pseudo-security.
The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets.
The game was uploaded to Google Play and attempted to trick users into unwittingly signing up for a weekly paid subscription
Using the strategies and procedures we present in our paper could help prevent an attacker from taking control of your computer
Latest ESET research strongly suggests that Glupteba is no longer tied to the infamous Operation Windigo.
ESET researchers discovered that Trojanized applications used to steal bitcoin were hosted inadvertently by the popular website download.cnet.com.
To smuggle the backdoor onto a targeted machine, the group uses a two-stage attack whereby a dropper package first gains a foothold on the system and sets the stage for the backdoor itself. This process involves some trickery commonly associated with targeted operations of this kind.