ESET researchers have discovered a cyberespionage campaign that, since at least September 2023, has been victimizing Tibetans via a targeted watering hole (also known as a strategic web compromise), and a supply-chain compromise to deliver trojanized installers of Tibetan language translation software.Read More…
ESET researchers have uncovered a compromise of an East Asian data-loss prevention (DLP) company. During the intrusion, the attackers deployed at least three malware families and compromised internal update servers and third-party tools used by the affected company.Read More…
ESET researchers have uncovered a compromise of an East Asian data-loss prevention (DLP) company. During the intrusion, the attackers deployed at least three malware families and compromised internal update servers and third-party tools used by the affected company.Read More…
ESET researchers have analyzed a cyberespionage campaign distributing CapraRAT backdoors through trojanized and supposedly “secure” Android messaging apps that exfiltrate sensitive information.Read More…
ESET researchers have discovered the WinorDLL64 backdoor, one of the payloads of the Wslink downloader. The targeted region, and overlap in behavior and code, suggest the tool is used by the infamous North Korea-aligned APT group Lazarus.Read More…
ESET researchers identified an active StrongPity APT group campaign leveraging a fully functional but trojanized version of the legitimate Telegram app, which despite being non-existent, has been repackaged as „the“ Shagle app.Read More…
ESET researchers discovered a new wiper and its execution tool, both attributed to the Iran-aligned Agrius APT group. The malware operators conducted a supply-chain attack abusing an Israeli software developer to deploy their new wiper, Fantasy, and a new lateral movement and Fantasy execution tool, Sandals.Read More…
ESET researchers have discovered a Linux variant of the SideWalk backdoor, one of the multiple custom implants used by the SparklingGoblin APT group. This variant was first deployed against a Hong Kong university in February 2021 — the same university that had already been targeted by SparklingGoblinRead More…
ESET Research discovered a still-ongoing cyberespionage campaign using a previously undocumented Korplug variant by the Mustang Panda APT group. This is the third time in as many weeks that ESET researchers have spotted previously unknown data wiping malwareRead More…
ESET researchers have uncovered recent campaigns and an updated threat arsenal of the infamous APT group Donot Team (also known as APT-C-35 and SectorE02). According to research findings, the group is very persistent and has consistently targeted the same organizations for at least the last two years.Read More…
ESET Research has uncovered a new APT group BackdoorDiplomacy that primarily targets Ministries of Foreign Affairs in the Middle East and Africa, and less frequently, telecommunication companies. Their attacks usually start by exploiting vulnerable internet-exposed applications on webservers in order to install a custom backdoor that ESET is calling Turian. Read More…
The cyber threats such as cyberespionage, ransomware and supply-chain attacks are on the rise and above all, the most formidable challenge, and foe, shared by all governments is advanced persistent threat (APT) groups. Read More…
