Connecting the dots: Exposing the arsenal and methods of the Winnti Group

New ESET white paper released describing updates to the malware arsenal and campaigns of this group known for its supply-chain attacks. Today, ESET Research releases a white paper updating our understanding of the Winnti Group. Last March, ESET researchers warned about a new supply-chain attack targeting video game developers in Asia. Following that publication, we continued …

How can critical infrastructure be targeted by malware?

Do you know how attacks on national critical systems could also represent a threat to your business? The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids …

Needles in a haystack: Picking unwanted UEFI components out of millions of samples

ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples. UEFI (Unified Extensible Firmware Interface) security has been a hot topic for the past few years, but, due to various limitations, very little UEFI-based malware has been found in the …

Casbaneiro: Dangerous cooking with a secret ingredient

Número dois in our series demystifying Latin American banking trojans. Most reverse engineers would agree that quite often one can learn something new on the job. However, it is not every day you learn how to cook a delicious meal while analyzing malware. This unique experience is provided by a malware family we discuss in …

Hospitals in US, Australia hobbled by ransomware

The incidents send medical staff back to the days of pen and paper. Several hospitals in the United States and Australia have been paralyzed by ransomware attacks, leading to the cancellation of all but the most urgent appointments and surgeries. In the US, the outbreak affected three Alabama-based healthcare providers – DCH Regional Medical Center, …

Email sextortion scam, claiming victim’s paedophilia links, hits Irish mailboxes

ESET Ireland warning about scammers claiming they’ll release videos of victims watching illegal pornography unless paid 5000 GBP in Bitcoin. ESET Ireland has registered several related emails being sent to Irish mailboxes, threatening recipients with releasing videos of them watching illegal pornography online, unless they immediately pay the blackmailers 5000 GBP (5,611 EUR) in Bitcoin. The …