‘Machete’ cyberattack strikes Venezuela

ESET research uncovers a cyberespionage operation targeting Venezuelan government institutions. Latin America is often overlooked when it comes to persistent threats and groups with politically motivated targets. There is, however, an ongoing case of cyberespionage against high-profile organizations that has managed to stay under the radar. The group behind these attacks has stolen gigabytes of … More ‘Machete’ cyberattack strikes Venezuela

A dive into Turla PowerShell usage

ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only. Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries. … More A dive into Turla PowerShell usage

Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage

ESET researchers have discovered that the attackers have been distributing the Plead malware via compromised routers and man-in-the-middle attacks against the legitimate ASUS WebStorage software. In July 2018 we discovered that the Plead backdoor was digitally signed by a code-signing certificate that was issued to D-Link Corporation. Recently we detected a new activity involving the same malware … More Plead malware distributed via MitM attacks at router level, misusing ASUS WebStorage

New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies

Security researchers at ESET have released new research today into the activities of the notorious Turla cyberespionage group, and specifically a previously undocumented backdoor that has been used to spy on consulates and embassies worldwide. ESET’s research team are the first in the world to document the advanced backdoor malware, which they have named “Gazer”, despite evidence that … More New ESET research uncovers Gazer, the stealthy backdoor that spies on embassies

New ESET research paper puts Sednit under the microscope

Security researchers at ESET have released their latest research into the notorious Sednit cyberespionage group, which has targeted over 1000 high profile individuals with phishing attacks and zero-day exploits in their attempts to steal confidential information. The Sednit gang, also known sometimes as APT28, Fancy Bear, Pawn Storm or Sofacy, are highly experienced. It has … More New ESET research paper puts Sednit under the microscope

USBee: how to spy on an isolated system with a USB

In recent years we’ve seen increasing numbers of attacks designed to affect systems which are isolated from the network and cannot be attacked using conventional methods. Almost all research into this has been carried out by experts in Israel – that comes as no great surprise since this is a country at the forefront of cybersecurity. … More USBee: how to spy on an isolated system with a USB