Notorious spy tool taken down in global operation

IM-RAT, which could be had for as little as US$25, was bought by nearly 15,000 people. Law enforcement authorities in a number of countries have broken up a cybercriminal operation that peddled a notorious Remote Access Trojan (RAT) capable of giving anyone with ill intentions total control over compromised machines, according to announcements by Europol, the United Kingdom’s National …

Email sextortion scam, claiming victim’s paedophilia links, hits Irish mailboxes

ESET Ireland warning about scammers claiming they’ll release videos of victims watching illegal pornography unless paid 5000 GBP in Bitcoin. ESET Ireland has registered several related emails being sent to Irish mailboxes, threatening recipients with releasing videos of them watching illegal pornography online, unless they immediately pay the blackmailers 5000 GBP (5,611 EUR) in Bitcoin. The …

First‑of‑its‑kind spyware sneaks into Google Play

ESET analysis breaks down the first known spyware that is built on the AhMyth open-source espionage tool and has appeared on Google Play – twice. ESET researchers have discovered the first known spyware that is built on the foundations of AhMyth open-source malware and has circumvented Google’s app-vetting process. The malicious app, called Radio Balouch …

Stopping stalkerware: What needs to change?

What technology makers and others can – and should – do to counter the kind of surveillance that starts at home. Regardless of whose statistics you read, a disturbingly high percentage of women and men will experience intimate partner violence or harassment in their lifetime. Worryingly, technology is being used more and more frequently as a tool to coerce …

A dive into Turla PowerShell usage

ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only. Turla, also known as Snake, is an infamous espionage group recognized for its complex malware. To confound detection, its operators recently started using PowerShell scripts that provide direct, in-memory loading and execution of malware executables and libraries. …

Turla: In and out of its unique Outlook backdoor

The latest ESET research offers a rare glimpse into the mechanics of a particularly stealthy and resilient backdoor that the Turla cyberespionage group can fully control via PDF files attached to emails. ESET researchers have investigated a distinctive backdoor used by the notorious Advanced Persistent Threat (APT) group known as Turla (or Snake, or Uroburos) to siphon …

Bluetooth bug could expose devices to snoopers

Patches have already been released or are expected to see the light of day soon. Researchers have discovered a flaw in some Bluetooth implementations that could allow an attacker to intercept or tamper with data exchanged between two vulnerable devices. The cryptographic bug, tracked as CVE-2018-5383, has been identified by scientists at the Israel Institute of …