In recent months, there has been a significant increase in the number of networks and users affected by ransomware known as Locky, discusses ESET's Diego Perez.
ResearchExpert content, for researchers by researchers
ESET researchers are actively monitoring malware that targets embedded systems such as routers, gateways and wireless access points. We call this new threat Linux/Remaiten.
A unique data-stealing trojan has been spotted on USB devices in the wild – and it is different from typical data-stealing malware, reports ESET's Tomáš Gardoň.
Weeks after it started attacking and encrypting victims' information, Locky is still targeting many users. Here's what you need to know about this threat.
This malware masquerades as Flash Player, behaves like a screen locker, and can bypass two-factor authentication. This combination of features turns it into a powerful tool for stealing money from victims’ bank accounts.
New ransomware infecting Apple OS X surfaced on March 4th, 2016, with the emergence of KeRanger. The first inkling of trouble came at the weekend.
Lock-screen types and file-encrypting “crypto-ransomware”, both of which have been causing major financial and data losses for many years, have made their way to the Android platform. ESET has prepared a topical white paper on the growth of this insidious Android malware.
ESET has seen a rise in malware developed using scripting languages. We can understand the threats better by isolating them in a dynamic analysis environment.
The cybercriminal group behind BlackEnergy, the malware family that has been around since 2007 and has made a comeback in 2014, was also active in the year 2015.
ESET has recently observed a huge increase in detections of the Nemucod trojan, a threat that usually tries to download another malware from the internet. Those detections ratios were very high in some countries.
Law enforcement agencies from around the globe, aided by Microsoft security researchers, today announced the disruption of one of the most widely distributed malware families – Win32/Dorkbot.
The free version of Ammyy's remote administrator software were being served a bundle that contained an NSIS installer used by the gang behind Operation Buhtrap.
Earlier this year, a new type of trojan caught the attention of ESET researchers. This article will take a deep dive into how the exploit works and briefly describe the final payload.
A banking trojan, detected by ESET as Win32/Brolux.A, is targeting Japanese internet banking users and spreading through at least two vulnerabilities: a Flash vulnerability leaked in the Hacking Team hack and the so-called unicorn bug, a vulnerability in Internet Explorer.
In order to help make Google Play a safer place for Android users, ESET continues to monitor the official Android app market for malicious or potentially unwanted applications.
IKEA, KFC, H&M and 7-Eleven are just a few popular brands that are being exploited by cybercriminals via WhatsApp. We take a closer look at this multi-country, multi-brand fraud.
ESET recently discovered an interesting stealth attack on Android users, an app that is a regular game but with an interesting addition: the application was bundled with another application.
Every now and again, ESET comes across an attack that "stands out". Odlanor malware fits that bill - this unique trojan targets players of online poker.
The latest ESET discovery of the first known Android lock-screen-type ransomware that spreads in the wild and sets the phone's PIN lock is examined.
A few days ago, CSIS published details about new Carbanak samples found in the wild. In this blog we examine the latest developments in the Carbanak story.