Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

Notorious cyberespionage group debases MSSQL. For a while, ESET researchers have been tracking the activities of the Winnti Group, active since at least 2012 and responsible for high-profile supply-chain attacks against the video game and software industry. Recently, we discovered a previously undocumented backdoor targeting Microsoft SQL (MSSQL) that allows attackers to maintain a very discreet … More Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor

Fleecing the onion: Darknet shoppers swindled out of bitcoins via trojanized Tor Browser

ESET researchers discover a trojanized Tor Browser distributed by cybercriminals to steal bitcoins from darknet market buyers. Utilizing a trojanized version of an official Tor Browser package, the cybercriminals behind this campaign have been very successful – so far their pastebin.com accounts have had more than 500,000 views and they were able to steal US$40,000+ … More Fleecing the onion: Darknet shoppers swindled out of bitcoins via trojanized Tor Browser

What was wrong with Alexa? How Amazon Echo and Kindle got KRACKed

ESET Smart Home Research Team uncovers Echo, Kindle versions vulnerable to 2017 Wi-Fi vulnerabilities. In recent years, hundreds of millions of homes have become “smarter” and internet-enabled using one of the popular home assistant devices. Despite the efforts of some vendors to develop these devices with security in mind, ESET Smart Home Research Team discovered … More What was wrong with Alexa? How Amazon Echo and Kindle got KRACKed

Streaming devices track viewing habits, study finds

Do you know what kind of data your streaming device may be collecting while you binge watch? Steadily, we are adopting more and more technology into our households. Our homes are becoming more interconnected, with IoT (Internet of Things) devices becoming regular parts of our lives. One of the devices that is the centerpiece of … More Streaming devices track viewing habits, study finds

Connecting the dots: Exposing the arsenal and methods of the Winnti Group

New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks. Today, ESET Research releases a white paper updating our understanding of the Winnti Group. Last March, ESET researchers warned about a new supply-chain attack targeting video game developers in Asia. Following that publication, we continued … More Connecting the dots: Exposing the arsenal and methods of the Winnti Group

How can critical infrastructure be targeted by malware?

Do you know how attacks on national critical systems could also represent a threat to your business? The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids … More How can critical infrastructure be targeted by malware?

ESET discovers Attor, a spy platform with curious GSM fingerprinting

ESET researchers discover a previously unreported cyberespionage platform used in targeted attacks against diplomatic missions and governmental institutions, and privacy-concerned users. ESET researchers have discovered a new espionage platform with a complex architecture, a host of measures to make detection and analysis more difficult and two notable features. First, its GSM plugin uses the AT … More ESET discovers Attor, a spy platform with curious GSM fingerprinting