Information

Word to the wise: Beware of fake Docusign emails

Cybercriminals impersonate the trusted e-signature brand and send fake Docusign notifications to trick people into giving away their personal or corporate data. Phil Muncaster, 27 May 2025 • 5 min. read. Remember when you used to have to print, sign, scan, email and/or even fax every time you wanted to sign and send an official document? Today, much of the hard work is done behind the scenes by cloud app providers like Docusign. But…

Pakistan Arrests 21 in ‘Heartsender’ Malware Service

Authorities in Pakistan have arrested 21 individuals accused of operating “Heartsender,” a once popular spam and malware dissemination service that operated for more than a decade. The main clientele for HeartSender were organized crime groups that tried to trick victim companies into making payments to a third party, and its alleged proprietors were publicly identified by KrebsOnSecurity in 2021 after they inadvertently infected their computers with malware. Some of the core developers and sellers of…

Danabot under the microscope

ESET Research has been tracking Danabot’s activity since 2018 as part of a global effort that resulted in a major disruption of the malware’s infrastructure. 23 May 2025. As US authorities, along with Europol and Eurojust, have announced a global disruption operation of Danabot, ESET researchers have released their deep-dive analysis of this sprawling malware-as-a-service (MaaS) operation that according to US authorities compromised more than 300,000 computers around the world and caused at least US$50…

Lumma Stealer: Down for the count

The bustling cybercrime enterprise has been dealt a significant blow in a global operation that relied on the expertise of ESET and other technology companies. 22 May 2025. A global disruption operation has dealt a significant blow to Lumma Stealer, one of the most prolific malware-as-a-service (MaaS) operations. The disruption effort, led by Microsoft and involving technical analysis by ESET researchers, targeted the infostealer’s infrastructure, including all known C&C servers from the past year, and…

Danabot: Analyzing a fallen empire

As announced by the US Department of Justice – the FBI and US DoD’s Defense Criminal Investigative Service (DCIS) have managed to disrupt the infrastructure of the notorious infostealer, Danabot. ESET is one of the many cybersecurity companies to participate in this long-term endeavor, becoming involved back in 2018. Our contribution included providing technical analyses of the malware and its backend infrastructure, as well as identifying Danabot’s C&C servers. The joint takedown effort also led…

ESET takes part in global operation to disrupt Lumma Stealer

ESET has collaborated with Microsoft, BitSight, Lumen, Cloudflare, CleanDNS, and GMO Registry in a global disruption operation against Lumma Stealer, an infamous malware-as-a-service (MaaS) infostealer. The operation targeted Lumma Stealer infrastructure with all known C&C servers in the past year, rendering the exfiltration network, or a large part of it, nonoperational. Key points of this blogpost: ESET took part in a coordinated global operation to disrupt Lumma Stealer. ESET provided technical analysis and statistical information,…

Oops: DanaBot Malware Devs Infected Their Own PCs

The U.S. government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot, a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. The FBI says a newer version of DanaBot was used for espionage, and that many of the defendants exposed their real-life identities after accidentally infecting their own systems with the malware. DanaBot’s features, as promoted on its support site. Image: welivesecurity.com. Initially spotted…

The who, where, and how of APT attacks in Q4 2024–Q1 2025

ESET Chief Security Evangelist Tony Anscombe highlights key findings from the latest issue of the ESET APT Activity Report. 19 May 2025. Today, the ESET research team released its latest issue of the APT Activity Report that details the operations of some of the world’s most notorious nation state-affiliated hacking collectives from October 2024 to March 2025. Their analysis reveals sustained efforts by advanced threat actors targeting a broad array of geographies and industry sectors,…

ESET APT Activity Report Q4 2024–Q1 2025

ESET APT Activity Report Q4 2024–Q1 2025 summarizes notable activities of selected advanced persistent threat (APT) groups that were documented by ESET researchers from October 2024 until the end of March 2025. The highlighted operations are representative of the broader landscape of threats we investigated during this period, illustrating the key trends and developments, and contain only a fraction of the cybersecurity intelligence data provided to customers of ESET’s private APT reports. During the monitored…

KrebsOnSecurity Hit With Near-Record 6.3 Tbps DDoS

KrebsOnSecurity last week was hit by a near record distributed denial-of-service (DDoS) attack that clocked in at more than 6.3 terabits of data per second (a terabit is one trillion bits of data). The brief attack appears to have been a test run for a massive new Internet of Things (IoT) botnet capable of launching crippling digital assaults that few web destinations can withstand. Read on for more about the botnet, the attack, and the…
