3ve – Major online ad fraud operation disrupted

International law enforcement swoops on fake ad viewing outfit. On Monday, October 22nd, a disruption action involving law enforcement bodies worldwide targeted “3ve”, a major online ad fraud operation. Today, on November 27, 2018, a 13-count indictment against eight defendants was unsealed. Out of these eight defendants, three are in custody and awaiting extradition. Ad fraud campaigns …

Trends 2018: Doing time for cybercrime

Law enforcement and malware research join forces to take down cybercriminals. The primary purpose of malware analysis is to determine how a given piece of malware works, extract IOCs (Indicators of Compromise) and determine potential countermeasures. This work is almost purely technical in nature: it focuses on binary files and their properties. Results from malware analysis are …

ESET helps law enforcement worldwide to disrupt Gamarue botnet

Law enforcement authorities across the globe disrupted many long-running botnets powered by a malware family dubbed Gamarue, mostly detected by ESET as Win32/TrojanDownloader.Wauchos and also known as Andromeda, capping a year-plus concerted effort that relied on technical intelligence from Microsoft and ESET researchers. ESET, having been approached by Microsoft to join the disruption effort, provided a technical analysis …

Crimeware: Malware and massive campaigns around the world

Within the world of IT security, one of the biggest concerns for companies and users is malicious code that can compromise their systems and/or information networks. This concern is not at all unfounded, as cases of malware and crimeware incidents are reported daily around the world. Indeed, the number of reports, detections and threats observed …

News from the Dorkside: Dorkbot botnet disrupted

ESET has collaborated with Microsoft, CERT.PL and various law enforcement bodies around the world to disrupt known Dorkbot botnets by sinkholing their C&C servers. ESET shared technical analysis, statistical information about the malware used, and known command and control servers’ domains and IPs. We also were able to leverage our historical knowledge of this threat …

Operation Liberpy: Keyloggers and information theft in Latin America

In mid-April 2015, ESET’s Laboratory in Latin America received a report on an executable program named “Liberty2-0.exe” detected by us as Python/Liberpy.A. It was a keylogger, a threat that undermines the security of a system by reporting all keyboard events (keys the user presses), as well as mouse movements, to a server controlled by the …