
2020-09-10 | ESET Research | Anton Cherepanov
@online{cherepanov:20200910:who:2fdc6a6,
  author       = {Anton Cherepanov},
  title        = {{Who is calling? CDRThief targets Linux VoIP softswitches}},
  date         = {2020-09-10},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/09/10/who-callin-cdrthief-linux-voip-softswitches/},
  language     = {English},
  urldate      = {2020-09-15},
}
Who is calling? CDRThief targets Linux VoIP softswitches
CDRThief
2020-09-02 | ESET Research | Matthieu Faou, Alexandre Côté Cyr
@online{faou:20200902:kryptocibule:9fb272b,
  author       = {Matthieu Faou and Alexandre Côté Cyr},
  title        = {{KryptoCibule: The multitasking multicurrency cryptostealer}},
  date         = {2020-09-02},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/09/02/kryptocibule-multitasking-multicurrency-cryptostealer/},
  language     = {English},
  urldate      = {2020-09-03},
}
KryptoCibule: The multitasking multicurrency cryptostealer
KryptoCibule
2020-08-13 | ESET Research | ESET Research
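% Corporate author: the extra pair of braces keeps "ESET Research" as one
% indivisible name instead of being split into first name "ESET", last name "Research".
@online{research:20200813:mekotio:4d7964c,
  author       = {{ESET Research}},
  title        = {{Mekotio: These aren’t the security updates you’re looking for…}},
  date         = {2020-08-13},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/08/13/mekotio-these-arent-the-security-updates-youre-looking-for},
  language     = {English},
  urldate      = {2020-08-14},
}
Mekotio: These aren’t the security updates you’re looking for…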
2020-08-13 | ESET Research
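% Same article as research:20200813:mekotio:4d7964c (the URL differs only by a
% trailing slash); this record carries no organization field.
% Corporate author: the extra pair of braces keeps "ESET Research" as one
% indivisible name instead of being split into first name "ESET", last name "Research".
@online{research:20200813:mekotio:c7c68ed,
  author   = {{ESET Research}},
  title    = {{Mekotio: These aren’t the security updates you’re looking for…}},
  date     = {2020-08-13},
  url      = {https://www.welivesecurity.com/2020/08/13/mekotio-these-arent-the-security-updates-youre-looking-for/},
  language = {English},
  urldate  = {2020-08-24},
}
Mekotio: These aren’t the security updates you’re looking for…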
Mekotio
2020-08-07 | ESET Research | Vladislav Hrčka
@online{hrka:20200807:stadeo:9fc4787,
  author       = {Vladislav Hrčka},
  title        = {{Stadeo: Deobfuscating Stantinko and more}},
  date         = {2020-08-07},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/08/07/stadeo-deobfuscating-stantinko-and-more/},
  language     = {English},
  urldate      = {2020-08-14},
}
Stadeo: Deobfuscating Stantinko and more
Stantinko
2020-07-29 | ESET Research | welivesecurity
@techreport{welivesecurity:20200729:threat:496355c,
  author      = {welivesecurity},
  title       = {{THREAT REPORT Q2 2020}},
  date        = {2020-07-29},
  institution = {ESET Research},
  url         = {https://www.welivesecurity.com/wp-content/uploads/2020/07/ESET_Threat_Report_Q22020.pdf},
  language    = {English},
  urldate     = {2020-07-30},
}
THREAT REPORT Q2 2020
DEFENSOR ID HiddenAd Bundlore Pirrit Agent.BTZ Cerber ClipBanker CROSSWALK Cryptowall CTB Locker DanaBot Dharma Formbook Gandcrab Grandoreiro Houdini ISFB LockBit Locky Mailto Maze Microcin Nemty NjRAT Phobos Ransomware PlugX Pony REvil Socelars STOP Ransomware Tinba TrickBot WannaCryptor
2020-07-16 | ESET Research | Marc-Etienne M.Léveillé
@online{mlveill:20200716:mac:405cc1d,
  author       = {Marc-Etienne M.Léveillé},
  title        = {{Mac cryptocurrency trading application rebranded, bundled with malware}},
  date         = {2020-07-16},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/07/16/mac-cryptocurrency-trading-application-rebranded-bundled-malware/},
  language     = {English},
  urldate      = {2020-07-16},
}
Mac cryptocurrency trading application rebranded, bundled with malware
Gmera
2020-07-16 | ESET Research | Amer Owaida
@online{owaida:20200716:highprofile:9e5eb1d,
  author       = {Amer Owaida},
  title        = {{High‑profile Twitter accounts hacked to promote Bitcoin scam}},
  date         = {2020-07-16},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/07/16/high-profile-twitter-accounts-hacked-bitcoin-scam/},
  language     = {English},
  urldate      = {2020-07-16},
}
High‑profile Twitter accounts hacked to promote Bitcoin scam
2020-07-14 | ESET Research | Lukáš Štefanko
@online{tefanko:20200714:welcome:333a076,
  author       = {Lukáš Štefanko},
  title        = {{Welcome Chat as a secure messaging app? Nothing could be further from the truth}},
  date         = {2020-07-14},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/07/14/welcome-chat-secure-messaging-app-nothing-further-truth/},
  language     = {English},
  urldate      = {2020-07-15},
}
Welcome Chat as a secure messaging app? Nothing could be further from the truth
BadPatch
2020-07-09 | ESET Research | Matías Porolli
@online{porolli:20200709:more:24d8b63,
  author       = {Matías Porolli},
  title        = {{More evil: A deep look at Evilnum and its toolset}},
  date         = {2020-07-09},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/07/09/more-evil-deep-look-evilnum-toolset/},
  language     = {English},
  urldate      = {2020-07-11},
}
More evil: A deep look at Evilnum and its toolset
EVILNUM More_eggs EVILNUM TerraPreter TerraStealer TerraTV Evilnum
2020-06-24 | Twitter (@ESETresearch) | ESET Research
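% Corporate author: the extra pair of braces keeps "ESET Research" as one
% indivisible name instead of being split into first name "ESET", last name "Research".
@online{research:20200624:malicious:8ea3789,
  author       = {{ESET Research}},
  title        = {{Tweet on malicious EFI bootloader which displays a ransom message and prevents the computer from booting}},
  date         = {2020-06-24},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1275770256389222400},
  language     = {English},
  urldate      = {2020-06-24},
}
Tweet on malicious EFI bootloader which displays a ransom message and prevents the computer from booting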
2020-06-24 | ESET Research | Lukáš Štefanko
@online{tefanko:20200624:new:ccea4e8,
  author       = {Lukáš Štefanko},
  title        = {{New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor}},
  date         = {2020-06-24},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canada-eset-decryptor/},
  language     = {English},
  urldate      = {2020-06-24},
}
New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor
CryCryptor
2020-06-18 | ESET Research | Zuzana Hromcová, Anton Cherepanov
@online{hromcov:20200618:digging:285d02f,
  author       = {Zuzana Hromcová and Anton Cherepanov},
  title        = {{Digging up InvisiMole’s hidden arsenal}},
  date         = {2020-06-18},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/06/18/digging-up-invisimole-hidden-arsenal/},
  language     = {English},
  urldate      = {2020-06-29},
}
Digging up InvisiMole’s hidden arsenal
InvisiMole
2020-06-17 | ESET Research | Dominik Breitenbacher, Kaspars Osis
@techreport{breitenbacher:20200617:operation:7969e3a,
  author      = {Dominik Breitenbacher and Kaspars Osis},
  title       = {{Operation In(ter)ception: Targeted Attacks against European Aerospace and Military Companies}},
  date        = {2020-06-17},
  institution = {ESET Research},
  url         = {https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_Operation_Interception.pdf},
  language    = {English},
  urldate     = {2020-06-17},
}
Operation In(ter)ception: Targeted Attacks against European Aerospace and Military Companies
Interception
2020-06-11 | ESET Research | Jean-Ian Boutin
@online{boutin:20200611:gamaredon:14a96c2,
  author       = {Jean-Ian Boutin},
  title        = {{Gamaredon group grows its game}},
  date         = {2020-06-11},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/06/11/gamaredon-group-grows-its-game/},
  language     = {English},
  urldate      = {2020-06-11},
}
Gamaredon group grows its game
2020-06-08 | Twitter (@ESETresearch) | ESET Research
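% Corporate author: the extra pair of braces keeps "ESET Research" as one
% indivisible name instead of being split into first name "ESET", last name "Research".
@online{research:20200608:ginp:5379e4f,
  author       = {{ESET Research}},
  title        = {{Tweet on Ginp android banking trojan targeting Government of Spain, Ministry of Health}},
  date         = {2020-06-08},
  organization = {Twitter (@ESETresearch)},
  url          = {https://twitter.com/ESETresearch/status/1269945115738542080},
  language     = {English},
  urldate      = {2020-06-11},
}
Tweet on Ginp android banking trojan targeting Government of Spain, Ministry of Health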
Ginp
2020-06-08 | ESET Research | Zuzana Hromcová, Anton Cherepanov
@techreport{hromcov:20200608:invisimole:70a4dc1,
  author      = {Zuzana Hromcová and Anton Cherepanov},
  title       = {{InvisiMole: The Hidden Part of the Story - Unearthing InvisiMole's Espionage Toolset and Strategic Cooperations}},
  date        = {2020-06-08},
  institution = {ESET Research},
  url         = {https://www.welivesecurity.com/wp-content/uploads/2020/06/ESET_InvisiMole.pdf},
  language    = {English},
  urldate     = {2020-06-29},
}
InvisiMole: The Hidden Part of the Story - Unearthing InvisiMole's Espionage Toolset and Strategic Cooperations
InvisiMole RC2FM
2020-05-26 | ESET Research | Matthieu Faou
@techreport{faou:20200526:from:89e2854,
  author      = {Matthieu Faou},
  title       = {{From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper)}},
  date        = {2020-05-26},
  institution = {ESET Research},
  url         = {https://www.welivesecurity.com/wp-content/uploads/2020/05/ESET_Turla_ComRAT.pdf},
  language    = {English},
  urldate     = {2020-05-27},
}
From Agent.BTZ to ComRAT v4: A ten‑year journey (White Paper)
Agent.BTZ
2020-05-26 | ESET Research | Matthieu Faou
@online{faou:20200526:from:804e2da,
  author       = {Matthieu Faou},
  title        = {{From Agent.BTZ to ComRAT v4: A ten‑year journey}},
  date         = {2020-05-26},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/05/26/agentbtz-comratv4-ten-year-journey/},
  language     = {English},
  urldate      = {2020-05-27},
}
From Agent.BTZ to ComRAT v4: A ten‑year journey
Agent.BTZ
2020-05-22 | ESET Research | Lukáš Štefanko
@online{tefanko:20200522:insidious:183d8f2,
  author       = {Lukáš Štefanko},
  title        = {{Insidious Android malware gives up all malicious features but one to gain stealth}},
  date         = {2020-05-22},
  organization = {ESET Research},
  url          = {https://www.welivesecurity.com/2020/05/22/insidious-android-malware-gives-up-all-malicious-features-but-one-gain-stealth/},
  language     = {English},
  urldate      = {2020-05-25},
}
Insidious Android malware gives up all malicious features but one to gain stealth
DEFENSOR ID