2018: Research highlights from ESET’s leading lights

As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you …

GreyEnergy: Updated arsenal of one of the most dangerous threat actors

ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. Recent ESET research has uncovered details of the successor of the BlackEnergy APT group, whose main toolset was last seen in December 2015 during the first-ever blackout caused by a cyberattack. Around the time …

New TeleBots backdoor: First evidence linking Industroyer to NotPetya

ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven. Among the most significant malware-induced cybersecurity incidents in recent years were the attacks against the Ukrainian power grid – which …

TeleBots are back: Supply-chain attacks against Ukraine

The latest Petya-like outbreak has gathered a lot of attention from the media. However, it should be noted that this was not an isolated incident: this is the latest in a series of similar attacks in Ukraine. This blogpost reveals many details about the Diskcoder.C (aka ExPetr, PetrWrap, Petya, or NotPetya) outbreak and related information about previously …

Industroyer: Biggest threat to industrial control systems since Stuxnet

The 2016 attack on Ukraine’s power grid that deprived part of its capital, Kiev, of power for an hour was caused by a cyberattack. ESET researchers have since analyzed samples of malware, detected by ESET as Win32/Industroyer, capable of performing exactly that type of attack. Whether the same malware was really involved in what cybersecurity …

Operation Groundbait: Espionage in Ukrainian war zones

In addition to the armed conflict in eastern Ukraine, in recent years the country has been facing a significantly higher number of targeted cyberattacks, or so-called advanced persistent threats (APTs). After BlackEnergy, which has, most infamously, facilitated attacks that resulted in power outages for hundreds of thousands of Ukrainian civilians, and Operation Potao Express, where …

The security review: ESET’s trends for 2016, more cyberattacks in Ukraine and virtualised security

From expert insight into cybersecurity-related trends in 2016 to the ongoing attacks against Ukraine’s electric power industry and the persistent problem that is poor password behavior, we’ve got you covered for all the important security stories from the past seven days. ESET Trends for 2016: Security is becoming a part of our lives ESET released …