A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET. TA410 is an umbrella group comprised of three teams ESET researchers named FlowingFrog, LookingFrog and JollyFrog, each with its own toolset …

ESET Research discovers Mustang Panda’s Hodur cyberespionage malware: Old tricks, new Korplug variant

Mustang Panda, the cyberespionage group behind this threat, is targeting mainly governmental entities and NGOs in East and Southeast Asia, and some in Europe and Africa. · This cyberespionage campaign dates back to at least August 2021 and is still ongoing as of March 2022. · Mustang Panda, the APT group behind this campaign, is …

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

Some fraudsters may use low-tech tactics to steal your sensitive information – peering over your shoulder as you enter that data is one of them. We live in an age of pervasive connectivity. But our always-on, mobile-centric lives also expose us to risk. For many people, it is the prospect of phishing, remotely deployed malware …

ESET Research discovers DazzleSpy: macOS malware spyware

On November 11th, Google TAG published a blogpost about watering-hole attacks leading to exploits for the Safari web browser running on macOS. ESET researchers had been investigating this campaign the week before that publication, uncovering additional details about the targets and malware used to compromise its victims. Here we provide a breakdown of the WebKit exploit used …

ESET Research investigates Donot Team: Cyberespionage targeting military & governments

ESET has analyzed two variants of the yty malware framework: Gedit and DarkMusical. ESET researchers have decided to call one of the variants DarkMusical because many of the names the attackers chose for their files and folders are inspired by the movie High School Musical. These attacks are focused on government and military organizations, Ministries …