ESET has recently observed a huge increase in detections of the Nemucod trojan, a threat that usually tries to download another malware from the internet. Those detections ratios were very high in some countries.
ResearchExpert content, for researchers by researchers
Law enforcement agencies from around the globe, aided by Microsoft security researchers, today announced the disruption of one of the most widely distributed malware families – Win32/Dorkbot.
The free version of Ammyy's remote administrator software were being served a bundle that contained an NSIS installer used by the gang behind Operation Buhtrap.
Earlier this year, a new type of trojan caught the attention of ESET researchers. This article will take a deep dive into how the exploit works and briefly describe the final payload.
A banking trojan, detected by ESET as Win32/Brolux.A, is targeting Japanese internet banking users and spreading through at least two vulnerabilities: a Flash vulnerability leaked in the Hacking Team hack and the so-called unicorn bug, a vulnerability in Internet Explorer.
In order to help make Google Play a safer place for Android users, ESET continues to monitor the official Android app market for malicious or potentially unwanted applications.
IKEA, KFC, H&M and 7-Eleven are just a few popular brands that are being exploited by cybercriminals via WhatsApp. We take a closer look at this multi-country, multi-brand fraud.
ESET recently discovered an interesting stealth attack on Android users, an app that is a regular game but with an interesting addition: the application was bundled with another application.
Every now and again, ESET comes across an attack that "stands out". Odlanor malware fits that bill - this unique trojan targets players of online poker.
The latest ESET discovery of the first known Android lock-screen-type ransomware that spreads in the wild and sets the phone's PIN lock is examined.
A few days ago, CSIS published details about new Carbanak samples found in the wild. In this blog we examine the latest developments in the Carbanak story.
The recent Firefox attacks are an example of active in-the-wild exploitation of a serious software vulnerability.
Operation Patao Express – Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data.
A recently identified trojan porn clicker is still infecting apps on Google Play.
In April, ESET’s Laboratory in Latin America received a report on an executable program named "Liberty2-0.exe." Now, it asks is there a version 1.0?
The infamous Sednit espionage group is currently using the Hacking Team exploits disclosed earlier this week to target eastern European institutions.
In this blog we describe a sophisticated backdoor, called Dino by its creators. We believe this malicious software has been developed by the Animal Farm espionage group, who also created the infamous Casper, Bunny and Babar malware.
Porn clickers pretending to be the the Dubsmash application have found their way back onto Google Play, a month after being removed.
A malware family that primarily targets Linux-based consumer routers but that can infect other Linux-based embedded systems in its path: Dissecting Linux/Moose.
ESET has discovered over 30 scareware apps available for download from the Google Play store. The apps have been installed by more than 600,000 Android users.