ESET Research: Spy apps by the GREF group pose as Signal and Telegram; attack users in Europe and the US

ESET researchers have identified two active campaigns targeting Android users, where the threat actors behind the tools for Telegram and Signal are attributed to the APT group GREF. Most likely active since July 2020 and since July 2022, respectively for each malicious app, the campaigns have distributed the Android BadBazaar espionage code through the Google …

ESET APT Activity Report Q4 2022–Q1 2023

An overview of the activities of selected APT groups investigated and analysed by ESET Research in Q4 2022 and Q1 2023. ESET APT Activity Report Q4 2022–Q1 2023 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from October 2022 until the end of March 2023. Attentive …

ESET discovers WinorDLL64 backdoor, likely part of the Lazarus arsenal

ESET researchers have discovered the WinorDLL64 backdoor, one of the payloads of the Wslink downloader. The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous APT group Lazarus. Wslink’s payload can exfiltrate, overwrite, and remove files, execute commands, and obtain extensive information about the underlying system. “Wslink, which …

ESET APT Activity Report T3 2022

An overview of the activities of selected APT groups investigated and analyzed by ESET Research in T3 2022. ESET APT Activity Report T3 2022 summarizes the activities of selected advanced persistent threat (APT) groups that were observed, investigated, and analyzed by ESET researchers from September until the end of December 2022. In the monitored timespan, Russia-aligned …

ESET Research discovers StrongPity APT group’s espionage campaign targeting Android users with trojanized Telegram app

ESET researchers identified an active StrongPity campaign distributing a fully functional but trojanized version of the legitimate Telegram app. ESET researchers identified an active StrongPity APT group campaign leveraging a fully functional but trojanized version of the legitimate Telegram app, which despite being non-existent, has been repackaged as “the” Shagle app. This StrongPity backdoor has …