Information

ESET Research ESET researchers discuss the dynamics within and between various groups of scammers who use a Telegram bot called Telekopye to scam people on online marketplaces ESET Research 18 Dec 2023  •  , 1 min. read In this episode of our podcast, ESET malware researchers talk about the dynamics within and between various Neanderthal groups, the techniques that this horde of scammers uses to find and select the best Mammoths for hunting, and especially…

Read More

Video Your iPhone has just received a new feature called iMessage Contact Key Verification that is designed to help protect your messages from prying eyes 15 Dec 2023 Apple has shipped iOS 17.2 to all users and it includes a new feature that is intended to protect users from attackers who could be misusing the company’s iMessage server infrastructure. Called iMessage Contact Key Verification, the feature “automatically verifies that you’re messaging with the person that…

Read More

ESET researchers analyzed a growing series of OilRig downloaders that the group has used in several campaigns throughout 2022, to maintain access to target organizations of special interest – all located in Israel. These lightweight downloaders, which we named SampleCheck5000 (SC5k v1-v3), OilCheck, ODAgent, and OilBooster, are notable for using one of several legitimate cloud service APIs for C&C communication and data exfiltration: the Microsoft Graph OneDrive or Outlook APIs, and the Microsoft Office Exchange…

Read More

ESET Research has discovered a cluster of malicious Python projects being distributed in PyPI, the official Python package repository. The threat targets both Windows and Linux systems and usually delivers a custom backdoor. In some cases, the final payload is a variant of the infamous W4SP Stealer, or a simple clipboard monitor to steal cryptocurrency, or both. In May 2023, we reported on another cluster of packages we found on PyPI that delivers password and…

Read More

Cybercrime continues to grow rapidly; indeed, it is a highly lucrative global industry. Without accurately accounting for profits from cybercrime (1, 2), we are left looking at the staggering estimated cost of US$7.08 trillion in 2022 for reference. Measured in terms of GDP, the illegal proceeds would rank as the third-largest “economy” worldwide. Regardless, this landscape keeps evolving, driven by new tech, further monetization of the internet, new illicit opportunities enabled by the vibrant cybercrime…

Read More

Mobile Security A security compromise so stealthy that it doesn’t even require your interaction? Yes, zero-click attacks require no action from you – but this doesn’t mean you’re left vulnerable. Márk Szabó 11 Dec 2023  •  , 3 min. read In a world of instant communication and accelerated by the ever-spreading notion that if you are not connected or available, you might be the odd one out, messaging has, in many ways, become a crucial…

Read More

We Live Progress ChatGPT would probably say “Definitely not!”, but will we learn any lessons from the rush to regulate IoT in the past? Tony Anscombe 11 Dec 2023  •  , 3 min. read The accelerated pace in the advancement of technology is challenging for any of us to keep up with, especially for public sector policymakers who traditionally follow rather than lead. Last week, the Black Hat Europe conference held in London, provided an…

Read More