Apple chip supplier blames WannaCryptor variant for plant shutdowns

The malware outbreak has even prompted concerns of delays in the shipments of the next wave of iPhones. Taiwan Semiconductor Manufacturing Company (TSMC) has reverted to normal operations after a “mutation” of the WannaCryptor (aka WannaCry) malware forced the closure of several of its fabrication plants over the weekend, according to a BBC report. The company …

A deep dive down the Vermin RAThole

ESET researchers have analysed remote access tools cybercriminals have been using in an ongoing campaign to systematically exfiltrate data from Ukrainian systems. In this blogpost, we will sum up the findings published in full in our white paper “Quasar, Sobaken and Vermin: A deeper look into an ongoing espionage campaign”. The attackers behind the campaign …

Trends 2018: Doing time for cybercrime

Law enforcement and malware research join forces to take down cybercriminals. The primary purpose of malware analysis is to determine how a given piece of malware works, extract IOCs (Indicators of Compromise) and determine potential countermeasures. This work is almost purely technical in nature: it focuses on binary files and their properties. Results from malware analysis are …

Ammyy Admin compromised with malware again; World Cup used as cover

Website altered to serve a malware-tainted version of otherwise legitimate software with the global event in Russia acting as a smokescreen. Users who downloaded the free remote administration tool Ammyy Admin from its official website ammyy.com on June 13 or 14, beware! According to ESET’s analysis, within that timeframe the website was compromised to serve …

Certificates stolen from Taiwanese tech-companies misused in Plead malware campaign

D-Link and Changing Information Technologies code-signing certificates stolen and abused by highly skilled cyberespionage group focused on East Asia, particularly Taiwan. ESET researchers have discovered a new malware campaign misusing stolen digital certificates. We spotted this malware campaign when our systems marked several files as suspicious. Interestingly, the flagged files were digitally signed using a valid …

World Cup watching: The common threats found when using streaming sites

On the eve of the 2018 FIFA World Cup in Russia, we take a closer look at the possible cybersecurity risks that exist on sports-streaming websites. With the start of FIFA World Cup on June 14 just a day away, many fans will be looking for streaming sites where they can watch the matches taking …

Atlanta’s ransomware attack: Police dashcam video archives lost forever

The city has spent $5 million to restore files, rebuild impacted systems, and harden its cyber-defenses. The ransomware attack that compromised much of the computer infrastructure of Atlanta’s municipal government in March 2018 has resulted in the loss of years’ worth of footage collected by dashboard-mounted cameras in the city’s police cars, according to WSB-TV channel. …