ESET Research discovers Bandidos, a new spying campaign in Venezuela

The latest version of Bandook steals sensitive documents and credentials from corporate networks, creates a malicious Chrome extension, and misuses URL shorteners like Rebrandly and Bitly. ESET Research has recently uncovered a new and still active campaign that uses more advanced versions of the old crimeware Bandook to spy on its victims. The ongoing campaign …

Apple fixes macOS zero‑day bug that let malware take secret screenshots

You would do well to update to macOS Big Sur 11.4 post-haste. Apple has rolled out updates to address a bevy of security flaws, including three zero-day vulnerabilities that are being actively exploited in the wild. Two of the loopholes affect tvOS used for the Apple TV 4K and Apple TV HD offerings, whereas the …

Android stalkerware threatens victims further and exposes snoopers themselves

ESET research reveals that common Android stalkerware apps are riddled with vulnerabilities that further jeopardize victims and expose the privacy and security of the snoopers themselves. Mobile stalkerware, also known as spouseware, is monitoring software silently installed by a stalker onto a victim’s device without the victim’s knowledge. Generally, the stalker needs to have physical …

ESET discovers Operation Spalax: Colombian government and industry sector under targeted attack

In 2020, ESET researchers observed several attacks exclusively targeting Colombian entities, which have collectively been dubbed Operation Spalax. These attacks are ongoing and are focused on both government institutions and private companies, especially in the energy and metallurgical industries. The attackers rely on the use of remote access trojans, most likely to conduct cyber-espionage activities. …

ESET Research uncovers APT-C-23 group’s new Android spyware masked as Threema and Telegram

ESET researchers uncover a new version of Android spyware used by the APT-C-23 threat group against targets in the Middle East. ESET researchers have analyzed a new version of Android spyware used by APT-C-23, a threat group active since at least 2017 that is known for mainly targeting the Middle East. The new spyware, detected …