Information

Video The banking trojan, which targeted mostly Brazil, Mexico and Spain, blocked the victim’s screen, logged keystrokes, simulated mouse and keyboard activity and displayed fake pop-up windows 02 Feb 2024 This week, law enforcement in Brazil took action to disrupt the Grandoreiro banking malware in a joint effort that was also supported by the ESET research team, who contributed technical analysis, statistics, and known C&C server domain names and IP addresses. The operation – which…

Read More

ESET researchers have identified twelve Android espionage apps that share the same malicious code: six were available on Google Play, and six were found on VirusTotal. All the observed applications were advertised as messaging tools apart from one that posed as a news app. In the background, these apps covertly execute remote access trojan (RAT) code called VajraSpy, used for targeted espionage by the Patchwork APT group. VajraSpy has a range of espionage functionalities that…

Read More

ESET Research An AI chatbot inadvertently kindles a cybercrime boom, ransomware bandits plunder organizations without deploying ransomware, and a new botnet enslaves Android TV boxes ESET Research 31 Jan 2024  •  , 2 min. read In this episode of the ESET Research Podcast, we dissect the most interesting findings of the ESET Threat Report H2 2023, including threat actors trying to leverage the AI hype, probably the biggest cyber incident seen in the whole year,…

Read More

ESET has collaborated with the Federal Police of Brazil in an attempt to disrupt the Grandoreiro botnet. ESET contributed to the project by providing technical analysis, statistical information, and known command and control (C&C) server domain names and IP addresses. Due to a design flaw in Grandoreiro’s network protocol, ESET researchers were also able to get a glimpse into the victimology. ESET automated systems have processed tens of thousands of Grandoreiro samples. The domain generation…

Read More

Digital Security In today’s digitally interconnected world, advanced cyber capabilities have become an exceptionally potent and versatile tool of tradecraft for nation-states and criminals alike Andy Garth 29 Jan 2024  •  , 4 min. read For thousands of years, nations have engaged in espionage, spying on their neighbors, allies, and adversaries. Traditionally, this realm of “espionage” relied heavily on human intelligence, but that started changing in the early 1890s with the advent of technologies like…

Read More

Business Security Blindly trusting your partners and suppliers on their security posture is not sustainable – it’s time to take control through effective supplier risk management Phil Muncaster 25 Jan 2024  •  , 5 min. read The world is built on supply chains. They are the connective tissue that facilitates global trade and prosperity. But these networks of overlapping and inter-related companies are increasingly complex and opaque. Most involve the supply of software and digital…

Read More

Video The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK 26 Jan 2024 This week, ESET researchers released their findings about an attack where a previously unknown threat actor deployed a sophisticated multistage implant, which ESET named NSPX30, through adversary-in-the-middle (AitM) attacks hijacking update requests from legitimate software such as Tencent QQ, WPS Office, and Sogou Pinyin. Blackwood, the name…

Read More