Lifting the lid on Sednit: A closer look at the software it uses
ESET's threat analysts have taken a closer look at the software used by Sednit to spy on its targets and steal confidential information.
Research
Expert content, for researchers by researchersResearch
Cybercriminals target Brazilian routers with default credentials
Criminals are hunting for routers with default credentials and with vulnerabilities in their firmware, with Brazilians the main target.
New ESET research paper puts Sednit under the microscope
Security researchers at ESET have released their latest research into the notorious and highly experienced Sednit cyberespionage group.
Book of Eli: African targeted attacks
ESET's latest research analyzes a piece of malware active since 2012, but which has targeted one specific country – Libya.
How encryption molded crypto‑ransomware
Recently ESET has seen significantly increasing volumes of a particular type of ransomware known as crypto-ransomware, reports Cassius Puodzius.
TorrentLocker: Crypto‑ransomware still active, using same tactics
ESET has carried out analysis of new samples of the crypto-ransomware family TorrentLocker, to compare the 2016 campaigns against its research in late 2014.
OSX/Keydnap spreads via signed Transmission application
During the last hours, OSX/Keydnap was distributed on a trusted website, which turned out to be “something else”. It spread via a recompiled version of the otherwise legitimate open source BitTorrent client application Transmission and distributed on their official website.
Malicious scripts gaining prevalence in Brazil
Malicious scripts are gaining prevalence in Brazil, reports ESET's Matías Porolli.
Fake apps on Google Play tricked users into paying instead of delivering promised followers
ESET has discovered eight fake applications on Google Play, which were promising to boost the number of followers on users’ social network profiles. Our security software is detecting these as Android/Fasurke.
Nymaim rides again in 2016 and reaches Brazil
During the first half of this year, ESET has observed an increase in the number of detections of Nymaim, a long-known malware family whose prevalence has fallen markedly since 2014.
New OSX/Keydnap malware is hungry for credentials
For the last few weeks, ESET has been investigating OSX/Keydnap, a malware that steals the content of the keychain while maintaining a permanent backdoor.
Espionage toolkit targeting Central and Eastern Europe uncovered
Over the course of the last year, ESET has detected and analyzed several instances of malware used for targeted espionage – dubbed SBDH toolkit.
Operation Groundbait: Espionage in Ukrainian war zones
After BlackEnergy and Operation Potao Express, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.
Ransomware is everywhere, but even black hats make mistakes
Ransomware is everywhere. At least that might be the impression left by a seemingly endless stream of news reports on recent cyberattacks, reports ESET's Ondrej Kubovič.
My video, My first video, Private video: Don’t fall for this Facebook scam
My video, My first video, Private video: Don’t fall for this Facebook scam, which is infecting accounts around the world with a very high rate of success.
Mumblehard takedown ends army of Linux servers from spamming
One year after the release of the technical analysis of the Mumblehard Linux botnet, it is no longer active. ESET, in collaboration with the Cyber Police of Ukraine and CyS Centrum LLC, have taken down the botnet, stopping its spamming activities.
Buying Ray‑Bans? Don’t fall for this Facebook scam
Recently, we’ve observed a new wave of scams on Facebook. Crooks are luring social network users to visit bogus Ray-Ban e-shops and buy heavily discounted sunglasses there. Victims’ payment card details are at risk.
Analysis of the Locky infection process
In recent months, there has been a significant increase in the number of networks and users affected by ransomware known as Locky, discusses ESET's Diego Perez.
Meet Remaiten – a Linux bot on steroids targeting routers and potentially other IoT devices
ESET researchers are actively monitoring malware that targets embedded systems such as routers, gateways and wireless access points. We call this new threat Linux/Remaiten.
New self‑protecting USB trojan able to avoid detection
A unique data-stealing trojan has been spotted on USB devices in the wild – and it is different from typical data-stealing malware, reports ESET's Tomáš Gardoň.