Industroyer2: Industroyer reloaded
This ICS-capable malware targets a Ukrainian energy company
Research
Fake e‑shops on the prowl for banking credentials using Android malware
ESET researchers analyzed three malicious applications targeting customers of eight Malaysian banks
Under the hood of Wslink’s multilayered virtual machine
ESET researchers describe the structure of the virtual machine used in samples of Wslink and suggest a possible approach to see through its obfuscation techniques
Crypto malware in patched wallets targeting Android and iOS devices
ESET Research uncovers a sophisticated scheme that distributes trojanized Android and iOS apps posing as popular cryptocurrency wallets
Mustang Panda’s Hodur: Old tricks, new Korplug variant
ESET researchers have discovered Hodur, a previously undocumented Korplug variant spread by Mustang Panda, that uses phishing lures referencing current events in Europe, including the invasion of Ukraine
ESET Research webinar: How APT groups have turned Ukraine into a cyber‑battlefield
Ukraine has been under cyber-fire for years now – here’s what you should know about various disruptive cyberattacks that have hit the country since 2014
ESET Research Podcast: Ukraine’s past and present cyberwar
Press play to hear Aryeh Goretsky, Jean-Ian Boutin and Robert Lipovsky discuss how recent malware attacks in Ukraine tie into years of cyberattacks against the country
IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine
ESET researchers uncover a new wiper that attacks Ukrainian organizations and a worm component that spreads HermeticWiper in local networks
ESET Threat Report T3 2021
A view of the T3 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts
Watering hole deploys new macOS malware, DazzleSpy, in Asia
Hong Kong pro-democracy radio station website compromised to serve a Safari exploit that installed cyberespionage malware on site visitors’ Macs
DoNot Go! Do not respawn!
ESET researchers take a deep look into recent attacks carried out by Donot Team throughout 2020 and 2021, targeting government and military entities in several South Asian countries
Signed kernel drivers – Unguarded gateway to Windows’ core
ESET researchers look at malware that abuses vulnerabilities in kernel drivers and outline mitigation techniques against this type of exploitation
The dirty dozen of Latin America: From Amavaldo to Zumanek
The grand finale of our series dedicated to demystifying Latin American banking trojans
Launching ESET Research Podcast: A peek behind the scenes of ESET discoveries
Press play for the first episode as host Aryeh Goretsky is joined by Zuzana Hromcová to discuss native IIS malware
Jumping the air gap: 15 years of nation‑state effort
ESET researchers studied all the malicious frameworks ever reported publicly that have been used to attack air-gapped networks and are releasing a side-by-side comparison of their most important TTPs
Strategic web compromises in the Middle East with a pinch of Candiru
ESET researchers have discovered strategic web compromise (aka watering hole) attacks against high‑profile websites in the Middle East
Wslink: Unique and undocumented malicious loader that runs as a server
There are no code, functionality or operational similarities to suggest that this is a tool from a known threat actor
FontOnLake: Previously unknown malware family targeting Linux
ESET researchers discover a malware family with tools that show signs they’re used in targeted attacks
UEFI threats moving to the ESP: Introducing ESPecter bootkit
ESET research discovers a previously undocumented UEFI bootkit with roots going back all the way to at least 2012
ESET Threat Report T2 2021
A view of the T2 2021 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts