ESET helps law enforcement worldwide to disrupt Gamarue botnet

Law enforcement authorities across the globe disrupted many long-running botnets powered by a malware family dubbed as Gamarue, mostly detected by ESET as Win32/TrojanDownloader.Wauchos and also known as Andromeda, capping a year-plus concerted effort that relied on technical intelligence from Microsoft and ESET researchers. ESET, having been approached by Microsoft to join the disruption effort, provided a technical analysis … More ESET helps law enforcement worldwide to disrupt Gamarue botnet

DoubleLocker: Innovative Android Ransomware

ESET researchers have spotted the first-ever ransomware misusing Android accessibility services. On top of encrypting data, it also locks the device. Detected by ESET products as Android/DoubleLocker.A, the ransomware is based on the foundations of a particular banking Trojan, known for misusing accessibility services of the Android operating system. However, DoubleLocker doesn’t have the functions related … More DoubleLocker: Innovative Android Ransomware

Money-making machine: Monero-mining malware

While the world is holding its breath, wondering where notorious cybercriminal groups like Lazarus or Telebots will strike next with another destructive malware such as WannaCryptor or Petya, there are many other, less aggressive, much stealthier and often very profitable operations going on. One such operation has been going on since at least May 2017, … More Money-making machine: Monero-mining malware

Bankbot trojan returns to Google Play with new tricks

The dangerous Android banking trojan that we first informed about in the beginning of this year has found its way to Google Play again, now stealthier than ever. Dubbed BankBot, the banking trojan has been evolving throughout the year, resurfacing in different versions both on and outside Google Play. The variant we discovered on Google Play on … More Bankbot trojan returns to Google Play with new tricks

Malware warning for Mac users, after HandBrake mirror download server hacked

A mirror download server for the popular tool HandBrake video file-transcoding app has been compromised by hackers, who replaced its Mac edition with malware. The first most Mac users will know about the security incident will be when they visit the app’s website, at https://handbrake.fr, and see a link to a “Security Alert”: Anyone who … More Malware warning for Mac users, after HandBrake mirror download server hacked