With FaceApp in the spotlight, new scams emerge

ESET researchers discover fraudulent schemes piggybacking on the popularity of the face-modifying tool FaceApp, using a fake “Pro” version of the application as a lure. The latest hype around the FaceApp application has attracted scammers who want to make a quick profit. The FaceApp application, which offers various face-modifying filters, is available for both Android and iOS. While the app … More With FaceApp in the spotlight, new scams emerge

Cybercrime seen to be getting worse: The time to act is now

What mounting public concern about falling victim to cybercrime says about government and corporate efforts at cybercrime deterrence. Is the risk of becoming a victim of cybercrime increasing? Most people in North America and Europe think it is, based on the surveys that I’ve been looking at. Earlier this year the European Union published the … More Cybercrime seen to be getting worse: The time to act is now

Banking Malware: Countering the threats with certified (browser) protection

These days, there isn’t much that can’t be done on mobile, and that includes banking. Banking apps are quickly becoming the go to method of managing finances, and as a result, mobile banking malware targeting Android phones has become a serious and somewhat underestimated threat. For malware creators motivated by financial gain, banking apps provide … More Banking Malware: Countering the threats with certified (browser) protection

Malicious campaign targets South Korean users with backdoor-laced torrents

ESET researchers have discovered a malicious campaign distributing a backdoor via torrents, with Korean TV content used as a lure. Fans of Korean TV should be on the lookout for an ongoing campaign spreading malware via torrent sites, using South Korean movies and TV shows as a guise. The malware allows the attacker to connect … More Malicious campaign targets South Korean users with backdoor-laced torrents

Stopping stalkerware: What needs to change?

What technology makers and others can – and should – do to counter the kind of surveillance that starts at home. Regardless of whose statistics you read, a disturbingly high percentage of women and men will experience intimate partner violence or harassment in their lifetime. Worryingly, technology is being used more and more frequently as a tool to coerce … More Stopping stalkerware: What needs to change?

LoudMiner: Cross-platform mining in cracked VST software

The story of a Linux miner bundled with pirated copies of VST (Virtual Studio Technology) software for Windows and macOS. Introduction LoudMiner is an unusual case of a persistent cryptocurrency miner, distributed for macOS and Windows since August 2018. It uses virtualization software – QEMU on macOS and VirtualBox on Windows – to mine cryptocurrency … More LoudMiner: Cross-platform mining in cracked VST software

Malware sidesteps Google permissions policy with new 2FA bypass technique

ESET analysis uncovers a novel technique bypassing SMS-based two-factor authentication while circumventing Google’s recent SMS permissions restrictions. When Google restricted the use of SMS and Call Log permissions in Android apps in March 2019, one of the positive effects was that credential-stealing apps lost the option to abuse these permissions for bypassing SMS-based two-factor authentication (2FA) mechanisms. … More Malware sidesteps Google permissions policy with new 2FA bypass technique