Mumblehard takedown ends army of Linux servers from spamming

One year after the release of the technical analysis of the Mumblehard Linux botnet, we are pleased to report that it is no longer active. ESET, in cooperation with the Cyber Police of Ukraine and CyS Centrum LLC, has taken down the Mumblehard botnet, stopping all its spamming activities since February 29th, 2016. ESET is …

The security review: ESET’s trends for 2016, more cyberattacks in Ukraine and virtualised security

From expert insight into cybersecurity-related trends in 2016 to the ongoing attacks against Ukraine’s electric power industry and the persistent problem that is poor password behavior, we’ve got you covered for all the important security stories from the past seven days.

ESET Trends for 2016: Security is becoming a part of our lives
ESET released …

New wave of cyberattacks against Ukrainian power industry

The cyberattacks against the Ukrainian electric power industry continue. Background information on this story can be found in our recent publications: “BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry”; “BlackEnergy by the SSHBearDoor: attacks against Ukrainian news media and electric industry”; “BlackEnergy and the Ukrainian power outage: What we really know”. Yesterday (January 19th) …

The security review: BlackEnergy, CES 2016 and Windows 10

From the return of BlackEnergy to analysing all things security at CES 2016 and the pros and cons of Windows 10, we’ve got you covered for all the important security stories from the past seven days.

BlackEnergy trojan returns with attacks against Ukrainian energy providers
ESET delivered a comprehensive report on the reemergence of the …

BlackEnergy trojan strikes again: Attacks Ukrainian electric power industry

On December 23rd, 2015, around half of the homes in the Ivano-Frankivsk region in Ukraine (population around 1.4 million) were left without electricity for a few hours. According to the Ukrainian news media outlet TSN, the cause of the power outage was a “hacker attack” utilizing a “virus”. Looking at ESET’s own telemetry, we have …

Operation Potao Express: Analysis of a cyber-espionage toolkit

Attackers spying on high-value targets in Ukraine, Russia and Belarus, and their TrueCrypt-encrypted data

We presented our initial findings based on research into the Win32/Potao malware family in June, in our CCCC 2015 presentation in Copenhagen. Today, we are releasing the full whitepaper on the Potao malware with additional findings, the cyberespionage campaigns where it was …

Back in BlackEnergy*: 2014 Targeted Attacks in Ukraine and Poland

A large number of state organisations and private businesses from various industry sectors in Ukraine and Poland have been targeted in recent attacks using malware designed for network discovery and remote code execution, and for collecting data from targets’ hard drives. What makes these attacks interesting – aside from the tense current geopolitical situation in …