ESET researchers have analysed remote access tools cybercriminals have been using in an ongoing campaign to systematically exfiltrate data from Ukrainian systems. In this blogpost, we will sum up the findings published in full in our white paper “Quasar, Sobaken and Vermin: A deeper look into an ongoing espionage campaign”. The attackers behind the campaign … More A deep dive down the Vermin RAThole
Gary Davis accused of working as an administrator for the notorious dark web marketplace appears in a federal court in New York. A 30-year-old Irish man accused of working for the dark web marketplace Silk Road has been extradited to the United States to face charges. Gary Davis, was arrested in 2014 and charged with being an administrator … More Irishman extradited to the US to face charges relating to Silk Road
Law enforcement and malware research join forces to take down cybercriminals. The primary purpose of malware analysis is to determine how a given piece of malware works, extract IOCs (Indicators of Compromise) and determine potential countermeasures. This work is almost purely technical in nature: it focuses on binary files and their properties. Results from malware analysis are … More Trends 2018: Doing time for cybercrime
Social media giant fined in the UK for failing to protect users’ personal information and for a lack of transparency. Facebook is facing its first possible financial penalty for its role in the Cambridge Analytica scandal that saw the personal data of millions of users harvested without their knowledge. The social media giant was hit with a … More Facebook fined over data privacy scandal
On average, people have more than 50 software applications on their Windows computers.1 Combine this with your mobile device apps and alternative operating systems, and you could end up spending all of your time updating applications or fixing update issues. How to handle the headaches associated with keeping your devices up to date? Let ESET … More System update headaches? ESET is the cure
Website altered to serve a malware-tainted version of otherwise legitimate software with the global event in Russia acting as a smokescreen. Users who downloaded the free remote administration tool Ammyy Admin from its official website ammyy.com on June 13 or 14, beware! According to ESET’s analysis, within that timeframe the website was compromised to serve … More Ammyy Admin compromised with malware again; World Cup used as cover
D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan. ESET researchers have discovered a new malware campaign misusing stolen digital certificates. We spotted this malware campaign when our systems marked several files as suspicious. Interestingly, the flagged files were digitally signed using a valid … More Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign
