New Linux/Rakos threat: devices and servers under SSH scan (again)
ESET's Peter Kálnai and Michal Malik report on a new Linux/Rakos threat - devices and servers are under SSH scan again.
Research
Expert content, for researchers by researchersResearch
The rise of TeleBots: Analyzing disruptive KillDisk attacks
ESET's Anton Cherepanov analyzes the work of TeleBots, a malicious toolset that was used in focused cyberattacks against targets in Ukraine's financial sector.
Modern attacks on Russian financial institutions
ESET's Anton Cherepanov Jean-Ian Boutin discuss their paper, titled Modern Attacks on Russian Financial Institutions, which was published earlier this year.
Readers of popular websites targeted by stealthy Stegano exploit kit hiding in pixels of malicious ads
Millions of readers who visit popular news websites have been targeted by a series of malicious ads redirecting them to the Stegano exploit kit.
Tesco Bank not alone in being targeted by Retefe malware
Tesco Bank, which recently saw thousands of its customers lose funds to cybercriminals, has been found on the target list of the so-called Retefe malware.
Linux/Moose: Still breathing
For the past year, ESET and the security firm GoSecure combined their skills in order to research Linux/Moose further. Here's some of what was uncovered.
Lifting the lid on Sednit: A closer look at the software it uses
ESET's threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.
Cybercriminals target Brazilian routers with default credentials
Criminals are hunting for routers with default credentials and with vulnerabilities in their firmware, with Brazilians the main target.
New ESET research paper puts Sednit under the microscope
Security researchers at ESET have released their latest research into the notorious and highly experienced Sednit cyberespionage group.
Book of Eli: African targeted attacks
ESET's latest research analyzes a piece of malware active since 2012, but which has targeted one specific country – Libya.
How encryption molded crypto‑ransomware
Recently ESET has seen significantly increasing volumes of a particular type of ransomware known as crypto-ransomware, reports Cassius Puodzius.
TorrentLocker: Crypto‑ransomware still active, using same tactics
ESET has carried out analysis of new samples of the crypto-ransomware family TorrentLocker, to compare the 2016 campaigns against its research in late 2014.
OSX/Keydnap spreads via signed Transmission application
During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.
Malicious scripts gaining prevalence in Brazil
Malicious scripts are gaining prevalence in Brazil, reports ESET's Matías Porolli.
Fake apps on Google Play tricked users into paying instead of delivering promised followers
ESET has discovered eight fake applications on Google Play, which were promising to boost the number of followers on users’ social network profiles. Our security software is detecting these as Android/Fasurke.
Nymaim rides again in 2016 and reaches Brazil
During the first half of this year, ESET has observed an increase in the number of detections of Nymaim, a long-known malware family whose prevalence has fallen markedly since 2014.
New OSX/Keydnap malware is hungry for credentials
For the last few weeks, ESET has been investigating OSX/Keydnap, a malware that steals the content of the keychain while maintaining a permanent backdoor.
Espionage toolkit targeting Central and Eastern Europe uncovered
Over the course of the last year, ESET has detected and analyzed several instances of malware used for targeted espionage – dubbed SBDH toolkit.
Operation Groundbait: Espionage in Ukrainian war zones
After BlackEnergy and Operation Potao Express, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.
Ransomware is everywhere, but even black hats make mistakes
Ransomware is everywhere. At least that might be the impression left by a seemingly endless stream of news reports on recent cyberattacks, reports ESET's Ondrej Kubovič.