ESET researchers

ESET researchers discovers espionage apps on the attack in Pakistan

ESET researchers have identified 12 Android espionage apps that share the same malicious code; six were available on Google Play. All the observed applications were advertised as messaging tools, apar...

Predatory SpyLoan apps expand their range to Android

ESET researchers have observed alarming growth in deceptive Android loan apps, which present themselves as legitimate personal loan services, promising quick and easy access to funds. Despite their at...

AceCryptor malware hit computers 10,000 times every month

ESET researchers have revealed details about a prevalent cryptor malware, AceCryptor, which operates as a cryptor-as-a-service used by tens of malware families. This threat has been around since 2016,...

ESET discover Lazarus DreamJob campaign targets Linux users

ESET researchers have discovered a new Lazarus Operation DreamJob campaign targeting Linux users. ESET Research was able to reconstruct the full chain, from the ZIP file that delivers a fake HSBC job ...

ESET discover hackers stealing from cryptocurrency wallets

ESET researchers have discovered dozens of copycat Telegram and WhatsApp websites targeting mainly Android and Windows users with trojanized versions of these instant messaging apps. Most of the malic...

ESET reveals APT group targeting officials with honey-trap in India, Pakistan and Middle East

ESET researchers have analyzed a cyberespionage campaign distributing CapraRAT backdoors through trojanized and supposedly “secure” Android messaging apps that exfiltrate sensitive information.

ESET reveals BlackLotus can bypass UEFI Secure Boot on fully patched systems

ESET researchers are the first to publish an analysis of a UEFI bootkit that is capable of bypassing an essential platform security feature – UEFI Secure Boot. The functionality of the bootkit and its...

Iran-aligned hacker group attacks diamond industry

ESET researchers discovered a new wiper and its execution tool, both attributed to the Iran-aligned Agrius APT group. The malware operators conducted a supply-chain attack abusing an Israeli software ...

North Korean hackers stealing data via Google Drive

ESET researchers analyzed a previously unreported sophisticated backdoor used by the ScarCruft APT group. The backdoor, which ESET named Dolphin, has a wide range of spying capabilities, including mon...