Malicious code is nothing to worry about on Linux, right? Hold your penguins. How Linux malware has gone from the sidelines to the headlines. Gone are the days when the idea of viruses or other malware hitting Linux was almost universally greeted with quizzical glances, if not outright rejection. Long thought of as the perfect … More Linux and malware: Should you worry?
Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in … More Casbaneiro: Dangerous cooking with a secret ingredient
ESET researchers describe the latest components used in a recent Sednit campaign. While summer is usually synonymous with vacations, it seems that the Sednit group has been developing new components to add to the Zebrocy malware family. The Sednit group – also known as APT28, Fancy Bear, Sofacy or STRONTIUM – has been operating since … More No summer vacations for Zebrocy
ESET researchers discovered a campaign that uses two malicious tools with similar capabilities to ensure both resilience and broader potential for the attackers. We’ve discovered an ongoing campaign in the Balkans spreading two tools having a similar purpose: a backdoor and a remote access trojan we named, respectively, BalkanDoor and BalkanRAT. BalkanRAT enables the attacker … More In the Balkans, businesses are under fire from a double‑barreled cyberweapon
ESET researchers have discovered a malicious campaign distributing a backdoor via torrents, with Korean TV content used as a lure. Fans of Korean TV should be on the lookout for an ongoing campaign spreading malware via torrent sites, using South Korean movies and TV shows as a guise. The malware allows the attacker to connect … More Malicious campaign targets South Korean users with backdoor-laced torrents