Tag: telebots

Prime targets: Governments shouldn’t go it alone on cybersecurity

April 29, 2021

A year into the pandemic, ESET reveals new research into activities of the LuckyMouse APT group and considers how governments can rise to the cybersecurity challenges of the accelerated shift to digital. Earlier this year, a well-known APT group dubbed LuckyMouse (aka Emissary Panda, APT27) began exploiting several zero-day Microsoft Exchange Server vulnerabilities. Its end goal? … More Prime targets: Governments shouldn’t go it alone on cybersecurity

Attacks targeting IT firms stir concern, controversy

February 18, 2021

The Exaramel backdoor, discovered by ESET in 2018, resurfaces in a campaign hitting companies that use an outdated version of a popular IT monitoring tool. France’s national cybersecurity agency ANSSI has disclosed details about an intrusion campaign targeting IT services firms that run the Centreon IT resource monitoring tool. The attacks are thought to have stayed under … More Attacks targeting IT firms stir concern, controversy

2018: Research highlights from ESET’s leading lights

January 2, 2019

As the curtain slowly falls on yet another eventful year in cybersecurity, let’s look back on some of the finest malware analysis by ESET researchers in 2018. If you never got the chance to read this year’s investigations by ESET researchers into some of the most dangerous hacker shenanigans in recent years, or if you … More 2018: Research highlights from ESET’s leading lights

GreyEnergy: Updated arsenal of one of the most dangerous threat actors

October 18, 2018

ESET research reveals a successor to the infamous BlackEnergy APT group targeting critical infrastructure, quite possibly in preparation for damaging attacks. Recent ESET research has uncovered details of the successor of the BlackEnergy APT group, whose main toolset was last seen in December 2015 during the first-ever blackout caused by a cyberattack. Around the time … More GreyEnergy: Updated arsenal of one of the most dangerous threat actors

New TeleBots backdoor: First evidence linking Industroyer to NotPetya

October 12, 2018

ESET’s analysis of a recent backdoor used by TeleBots – the group behind the massive NotPetya ransomware outbreak – uncovers strong code similarities to the Industroyer main backdoor, revealing a rumored connection that was not previously proven. Among the most significant malware-induced cybersecurity incidents in recent years were the attacks against the Ukrainian power grid – which … More New TeleBots backdoor: First evidence linking Industroyer to NotPetya