Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-06-24Twitter (@ESETresearch)ESET Research
@online{research:20200624:malicious:8ea3789, author = {ESET Research}, title = {{Tweet on malicious EFI bootloader which displays a ransom message and prevents the computer from booting}}, date = {2020-06-24}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1275770256389222400}, language = {English}, urldate = {2020-06-24} } Tweet on malicious EFI bootloader which displays a ransom message and prevents the computer from booting
2020-06-24ESET ResearchLukáš Štefanko
@online{tefanko:20200624:new:ccea4e8, author = {Lukáš Štefanko}, title = {{New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor}}, date = {2020-06-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canada-eset-decryptor/}, language = {English}, urldate = {2020-06-24} } New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor
CryCryptor
2020-06-18ESET ResearchZuzana Hromcová, Anton Cherepanov
@online{hromcov:20200618:digging:285d02f, author = {Zuzana Hromcová and Anton Cherepanov}, title = {{Digging up InvisiMole’s hidden arsenal}}, date = {2020-06-18}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/06/18/digging-up-invisimole-hidden-arsenal/}, language = {English}, urldate = {2020-06-29} } Digging up InvisiMole’s hidden arsenal
InvisiMole
2020-06-17ESET ResearchDominik Breitenbacher, Kaspars Osis
@techreport{breitenbacher:20200617:operation:7969e3a, author = {Dominik Breitenbacher and Kaspars Osis}, title = {{Operation In(ter)ception: Targeted Attacks against European Aerospace and Military Companies}}, date = {2020-06-17}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_Operation_Interception.pdf}, language = {English}, urldate = {2020-06-17} } Operation In(ter)ception: Targeted Attacks against European Aerospace and Military Companies
Interception
2020-06-11ESET ResearchJean-Ian Boutin
@online{boutin:20200611:gamaredon:14a96c2, author = {Jean-Ian Boutin}, title = {{Gamaredon group grows its game}}, date = {2020-06-11}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/}, language = {English}, urldate = {2020-06-11} } Gamaredon group grows its game
2020-06-08Twitter (@ESETresearch)ESET Research
@online{research:20200608:ginp:5379e4f, author = {ESET Research}, title = {{Tweet on Ginp android banking trojan targeting Government of Spain, Ministry of Health}}, date = {2020-06-08}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1269945115738542080}, language = {English}, urldate = {2020-06-11} } Tweet on Ginp android banking trojan targeting Government of Spain, Ministry of Health
Ginp
2020-06-08ESET ResearchZuzana Hromcová, Anton Cherepanov
@techreport{hromcov:20200608:invisimole:70a4dc1, author = {Zuzana Hromcová and Anton Cherepanov}, title = {{InvisiMole: The Hidden Part of the Story - Unearthing InvisiMole's Espionage Toolset and Strategic Cooperations}}, date = {2020-06-08}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_InvisiMole.pdf}, language = {English}, urldate = {2020-06-29} } InvisiMole: The Hidden Part of the Story - Unearthing InvisiMole's Espionage Toolset and Strategic Cooperations
InvisiMole RC2FM
2020-05-26ESET ResearchMatthieu Faou
@online{faou:20200526:from:804e2da, author = {Matthieu Faou}, title = {{From Agent.BTZ to ComRAT v4: A ten‑year journey}}, date = {2020-05-26}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/05/26/agentbtz-comratv4-ten-year-journey/}, language = {English}, urldate = {2020-05-27} } From Agent.BTZ to ComRAT v4: A ten‑year journey
Agent.BTZ
2020-05-26ESET ResearchMatthieu Faou
@techreport{faou:20200526:from:89e2854, author = {Matthieu Faou}, title = {{From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper)}}, date = {2020-05-26}, institution = {ESET Research}, url = {https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf}, language = {English}, urldate = {2020-05-27} } From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper)
Agent.BTZ
2020-05-22ESET ResearchLukáš Štefanko
@online{tefanko:20200522:insidious:183d8f2, author = {Lukáš Štefanko}, title = {{Insidious Android malware gives up all malicious features but one to gain stealth}}, date = {2020-05-22}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/05/22/insidious-android-malware-gives-up-all-malicious-features-but-one-gain-stealth/}, language = {English}, urldate = {2020-05-25} } Insidious Android malware gives up all malicious features but one to gain stealth
DEFENSOR ID
2020-05-21ESET ResearchMathieu Tartare, Martin Smolár
@online{tartare:20200521:no:016fc6c, author = {Mathieu Tartare and Martin Smolár}, title = {{No “Game over” for the Winnti Group}}, date = {2020-05-21}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/05/21/no-game-over-winnti-group/}, language = {English}, urldate = {2020-05-23} } No “Game over” for the Winnti Group
ACEHASH HTran MimiKatz
2020-05-14ESET ResearchPeter Kálnai
@online{klnai:20200514:mikroceen:b259a8c, author = {Peter Kálnai}, title = {{Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia}}, date = {2020-05-14}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/05/14/mikroceen-spying-backdoor-high-profile-networks-central-asia/}, language = {English}, urldate = {2020-05-14} } Mikroceen: Spying backdoor leveraged in high‑profile networks in Central Asia
BYEBY Microcin
2020-05-13ESET ResearchIgnacio Sanmillan
@online{sanmillan:20200513:ramsay:8608f19, author = {Ignacio Sanmillan}, title = {{Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks}}, date = {2020-05-13}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/05/13/ramsay-cyberespionage-toolkit-airgapped-networks/}, language = {English}, urldate = {2020-05-14} } Ramsay: A cyber‑espionage toolkit tailored for air‑gapped networks
Ramsay Retro
2020-05-07Twitter (@ESETresearch)ESET Research
@online{research:20200507:peddlecheap:8a701e3, author = {ESET Research}, title = {{Tweet on PeddleCheap packed with Winnti packer}}, date = {2020-05-07}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1258353960781598721}, language = {English}, urldate = {2020-05-07} } Tweet on PeddleCheap packed with Winnti packer
PeddleCheap
2020-04-28ESET ResearchESET Research
@online{research:20200428:grandoreiro:8d82542, author = {ESET Research}, title = {{Grandoreiro: How engorged can an EXE get?}}, date = {2020-04-28}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/04/28/grandoreiro-how-engorged-can-exe-get/}, language = {English}, urldate = {2020-05-05} } Grandoreiro: How engorged can an EXE get?
Grandoreiro
2020-03-19ESET ResearchVladislav Hrčka
@online{hrka:20200319:stantinkos:b6a60f8, author = {Vladislav Hrčka}, title = {{Stantinko’s new cryptominer features unique obfuscation techniques}}, date = {2020-03-19}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/03/19/stantinko-new-cryptominer-unique-obfuscation-techniques/}, language = {English}, urldate = {2020-03-26} } Stantinko’s new cryptominer features unique obfuscation techniques
Stantinko
2020-03-12ESET ResearchMatthieu Faou
@online{faou:20200312:tracking:913d16e, author = {Matthieu Faou}, title = {{Tracking Turla: New backdoor delivered via Armenian watering holes}}, date = {2020-03-12}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/03/12/tracking-turla-new-backdoor-armenian-watering-holes/}, language = {English}, urldate = {2020-03-13} } Tracking Turla: New backdoor delivered via Armenian watering holes
LightNeuron Mosquito NetFlash Skipper
2020-03-05ESET ResearchESET Research
@online{research:20200305:guildma:a339bd6, author = {ESET Research}, title = {{Guildma: The Devil drives electric}}, date = {2020-03-05}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/03/05/guildma-devil-drives-electric/}, language = {English}, urldate = {2020-03-09} } Guildma: The Devil drives electric
Astaroth
2020-01-31ESET ResearchMathieu Tartare
@online{tartare:20200131:winnti:9f891e4, author = {Mathieu Tartare}, title = {{Winnti Group targeting universities in Hong Kong}}, date = {2020-01-31}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/01/31/winnti-group-targeting-universities-hong-kong/}, language = {English}, urldate = {2020-02-03} } Winnti Group targeting universities in Hong Kong
ShadowPad Winnti
2019-11-26ESET ResearchVladislav Hrčka
@online{hrka:20191126:stantinko:0fbdd59, author = {Vladislav Hrčka}, title = {{Stantinko botnet adds cryptomining to its pool of criminal activities}}, date = {2019-11-26}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2019/11/26/stantinko-botnet-adds-cryptomining-criminal-activities/}, language = {English}, urldate = {2020-01-12} } Stantinko botnet adds cryptomining to its pool of criminal activities
Stantinko