Malicious campaign targets South Korean users with backdoor‑laced torrents
ESET researchers have discovered a malicious campaign distributing a backdoor via torrents, with Korean TV content used as a lure
Research
Expert content, for researchers by researchersResearch
LoudMiner: Cross‑platform mining in cracked VST software
The story of a Linux miner bundled with pirated copies of VST (Virtual Studio Technology) software for Windows and macOS
Malware sidesteps Google permissions policy with new 2FA bypass technique
ESET analysis uncovers a novel technique bypassing SMS-based two-factor authentication while circumventing Google’s recent SMS permissions restrictions
Wajam: From start‑up to massively‑spread adware
How a Montreal-made "social search engine" application has managed to become widely-spread adware, while escaping consequences
A dive into Turla PowerShell usage
ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only
Fake cryptocurrency apps crop up on Google Play as bitcoin price rises
ESET researchers have analyzed fake cryptocurrency wallets emerging on Google Play at the time of bitcoin’s renewed growth
Patch now! Why the BlueKeep vulnerability is a big deal
What you need to know about the critical security hole that could enable the next WannaCryptor
A journey to Zebrocy land
ESET sheds light on commands used by the favorite backdoor of the Sednit group
EternalBlue reaching new heights since WannaCryptor outbreak
Attack attempts involving the exploit are in hundreds of thousands daily
Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage
ESET researchers have discovered that the attackers have been distributing the Plead malware via compromised routers and man-in-the-middle attacks against the legitimate ASUS WebStorage software
Turla LightNeuron: An email too far
ESET research uncovers Microsoft Exchange malware remotely controlled via steganographic PDF and JPG email attachments
D‑Link camera vulnerability allows attackers to tap into the video stream
ESET researchers highlight a series of security holes in a device intended to make homes and offices more secure
Buhtrap backdoor and Buran ransomware distributed via major advertising platform
Criminal activities against accountants on the rise – Buhtrap and RTM still active
OceanLotus: macOS malware update
Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users
Fake or Fake: Keeping up with OceanLotus decoys
ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar
Gaming industry still in the scope of attackers in Asia
Asian game developers again targeted in supply-chain attacks distributing malware in legitimately signed software
ML‑era in cybersecurity: A step toward a safer world or the brink of chaos?
As the use of this technology grows so does the risk that attackers may hijack it
First clipper malware discovered on Google Play
Cryptocurrency stealers that replace a wallet address in the clipboard are no longer limited to Windows or shady Android app stores
DanaBot updated with new C&C communication
ESET researchers have discovered new versions of the DanaBot Trojan, updated with a more complicated protocol for C&C communication and slight modifications to architecture and campaign IDs
“Love you” malspam gets a makeover for massive Japan‑targeted campaign
ESET researchers have detected a substantial new wave of the “Love you” malspam campaign, updated to target Japan and spread GandCrab 5.1