Aerospace and military companies in the crosshairs of cyberspies

ESET researchers uncover targeted attacks against high-profile aerospace and military companies. At the end of last year, we discovered targeted attacks against aerospace and military companies in Europe and the Middle East, active from September to December 2019. A collaborative investigation with two of the affected European companies allowed us to gain insight into the …

Notorious spy tool taken down in global operation

IM-RAT, which could be had for as little as US$25, was bought by nearly 15,000 people. Law enforcement authorities in a number of countries have broken up a cybercriminal operation that peddled a notorious Remote Access Trojan (RAT) capable of giving anyone with ill intentions total control over compromised machines, according to announcements by Europol, the United Kingdom’s National …

ESET discovers Attor, a spy platform with curious GSM fingerprinting

ESET researchers discover a previously unreported cyberespionage platform used in targeted attacks against diplomatic missions and governmental institutions, and privacy-concerned users. ESET researchers have discovered a new espionage platform with a complex architecture, a host of measures to make detection and analysis more difficult and two notable features. First, its GSM plugin uses the AT …

First‑of‑its‑kind spyware sneaks into Google Play

ESET analysis breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice. ESET researchers have discovered the first known spyware that is built on the foundations of AhMyth open-source malware and has circumvented Google’s app-vetting process. The malicious app, called Radio Balouch …

Turla: In and out of its unique Outlook backdoor

The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails. ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos) to siphon …