Notorious cyberespionage group debases MSSQL. For a while, ESET researchers have been tracking the activities of the Winnti Group, active since at least 2012 and responsible for high-profile supply-chain attacks against the video game and software industry. Recently, we discovered a previously undocumented backdoor targeting Microsoft SQL (MSSQL) that allows attackers to maintain a very discreet … More Winnti Group’s skip‑2.0: A Microsoft SQL Server backdoor
ESET researchers discover a trojanized Tor Browser distributed by cybercriminals to steal bitcoins from darknet market buyers. Utilizing a trojanized version of an official Tor Browser package, the cybercriminals behind this campaign have been very successful – so far their pastebin.com accounts have had more than 500,000 views and they were able to steal US$40,000+ … More Fleecing the onion: Darknet shoppers swindled out of bitcoins via trojanized Tor Browser
ESET Smart Home Research Team uncovers Echo, Kindle versions vulnerable to 2017 Wi-Fi vulnerabilities. In recent years, hundreds of millions of homes have become “smarter” and internet-enabled using one of the popular home assistant devices. Despite the efforts of some vendors to develop these devices with security in mind, ESET Smart Home Research Team discovered … More What was wrong with Alexa? How Amazon Echo and Kindle got KRACKed
Do you know what kind of data your streaming device may be collecting while you binge watch? Steadily, we are adopting more and more technology into our households. Our homes are becoming more interconnected, with IoT (Internet of Things) devices becoming regular parts of our lives. One of the devices that is the centerpiece of … More Streaming devices track viewing habits, study finds
Do you know how attacks on national critical systems could also represent a threat to your business? The concept that cyber criminals can take out power grids or disrupt transport networks may once have been a movie script rather than news headlines. Yet in the last few years we’ve seen continued attacks on power grids … More How can critical infrastructure be targeted by malware?
ESET researchers discover a previously unreported cyberespionage platform used in targeted attacks against diplomatic missions and governmental institutions, and privacy-concerned users. ESET researchers have discovered a new espionage platform with a complex architecture, a host of measures to make detection and analysis more difficult and two notable features. First, its GSM plugin uses the AT … More ESET discovers Attor, a spy platform with curious GSM fingerprinting
An email, pretending to be a reminder from An Post to renew the TV Licence, leads to a phishing website that steals payment card details. An email from a Brazil-linked address has been landing in Irish mailboxes lately, claiming to come from An Post, the subject stating “Your TV Licence is about to expire”: “Dear … More TV Licence scam email targeting Ireland