Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2021-10-07ESET ResearchVladislav Hrčka
@online{hrka:20211007:fontonlake:03cadd5, author = {Vladislav Hrčka}, title = {{FontOnLake: Previously unknown malware family targeting Linux}}, date = {2021-10-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/10/07/fontonlake-previously-unknown-malware-family-targeting-linux/}, language = {English}, urldate = {2021-10-11} } FontOnLake: Previously unknown malware family targeting Linux
FontOnLake
2021-10-06ESET ResearchMartina López
@online{lpez:20211006:to:8e09f8a, author = {Martina López}, title = {{To the moon and hack: Fake SafeMoon app drops malware to spy on you}}, date = {2021-10-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/10/06/moon-hack-fake-safemoon-cryptocurrency-app-drops-malware-spy/}, language = {English}, urldate = {2021-10-11} } To the moon and hack: Fake SafeMoon app drops malware to spy on you
Remcos
2021-09-23ESET ResearchTahseen Bin Taj, Matthieu Faou
@online{taj:20210923:famoussparrow:5f0d606, author = {Tahseen Bin Taj and Matthieu Faou}, title = {{FamousSparrow: A suspicious hotel guest}}, date = {2021-09-23}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/09/23/famoussparrow-suspicious-hotel-guest/}, language = {English}, urldate = {2021-09-24} } FamousSparrow: A suspicious hotel guest
SparrowDoor
2021-09-23ESET ResearchESET Research
@online{research:20210923:c:02fc0f8, author = {ESET Research}, title = {{Tweet on C# variant of the nccTrojan}}, date = {2021-09-23}, organization = {ESET Research}, url = {https://twitter.com/ESETresearch/status/1441139057682104325?s=20}, language = {English}, urldate = {2021-09-29} } Tweet on C# variant of the nccTrojan
nccTrojan
2021-09-20Twitter (@ESETresearch)ESET Research
@online{research:20210920:darkiot:0693e33, author = {ESET Research}, title = {{Tweet on Dark.IoT Botnet exploiting critical Azure vulnerability CVE-2021-38647 #OMIGOD}}, date = {2021-09-20}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1440052837820428298?s=20}, language = {English}, urldate = {2021-09-22} } Tweet on Dark.IoT Botnet exploiting critical Azure vulnerability CVE-2021-38647 #OMIGOD
Dark
2021-09-17ESET ResearchESET Research
@online{research:20210917:numando:a7866e5, author = {ESET Research}, title = {{Numando: Count once, code twice}}, date = {2021-09-17}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/09/17/numando-latam-banking-trojan/}, language = {English}, urldate = {2021-09-19} } Numando: Count once, code twice
Numando
2021-09-07ESET ResearchLukáš Štefanko
@online{tefanko:20210907:bladehawk:a5ce5a7, author = {Lukáš Štefanko}, title = {{BladeHawk group: Android espionage against Kurdish ethnic group}}, date = {2021-09-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/}, language = {English}, urldate = {2021-09-14} } BladeHawk group: Android espionage against Kurdish ethnic group
888 RAT
2021-09-03Twitter (@ESETresearch)ESET Research
@online{research:20210903:twitter:1e08c95, author = {ESET Research}, title = {{Twitter thread on SPARKLOG, a launcher component for PRIVATELOG along with STASHLOG}}, date = {2021-09-03}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1433819369784610828}, language = {English}, urldate = {2021-09-14} } Twitter thread on SPARKLOG, a launcher component for PRIVATELOG along with STASHLOG
PRIVATELOG STASHLOG
2021-08-24ESET ResearchThibaut Passilly, Mathieu Tartare
@online{passilly:20210824:sidewalk:75d39db, author = {Thibaut Passilly and Mathieu Tartare}, title = {{The SideWalk may be as dangerous as the CROSSWALK}}, date = {2021-08-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/24/sidewalk-may-be-as-dangerous-as-crosswalk/}, language = {English}, urldate = {2021-08-31} } The SideWalk may be as dangerous as the CROSSWALK
Cobalt Strike CROSSWALK SideWalk
2021-08-11ESET ResearchZuzana Hromcová
@online{hromcov:20210811:iiserpent:7f68773, author = {Zuzana Hromcová}, title = {{IISerpent: Malware‑driven SEO fraud as a service}}, date = {2021-08-11}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/11/iiserpent-malware-driven-seo-fraud-service/}, language = {English}, urldate = {2021-08-16} } IISerpent: Malware‑driven SEO fraud as a service
2021-08-09ESET ResearchZuzana Hromcová
@online{hromcov:20210809:iispy:c0b6ad3, author = {Zuzana Hromcová}, title = {{IISpy: A complex server‑side backdoor with anti‑forensic features}}, date = {2021-08-09}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/09/iispy-complex-server-side-backdoor-antiforensic-features/}, language = {English}, urldate = {2021-09-19} } IISpy: A complex server‑side backdoor with anti‑forensic features
IISpy JuicyPotato
2021-08-06ESET ResearchZuzana Hromcová, Anton Cherepanov
@online{hromcov:20210806:anatomy:27b293f, author = {Zuzana Hromcová and Anton Cherepanov}, title = {{Anatomy of native IIS malware}}, date = {2021-08-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/06/anatomy-native-iis-malware/}, language = {English}, urldate = {2021-08-09} } Anatomy of native IIS malware
IISniff RGDoor
2021-08-06ESET ResearchZuzana Hromcová
@online{hromcov:20210806:iistealer:d9957ab, author = {Zuzana Hromcová}, title = {{IIStealer: A server‑side threat to e‑commerce transactions}}, date = {2021-08-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/08/06/iistealer-server-side-threat-ecommerce-transactions/}, language = {English}, urldate = {2021-08-09} } IIStealer: A server‑side threat to e‑commerce transactions
2021-08-04ESET ResearchZuzana Hromcová
@techreport{hromcov:20210804:anatomy:2bcd04b, author = {Zuzana Hromcová}, title = {{Anatomy of Native IIS Malware (slides)}}, date = {2021-08-04}, institution = {ESET Research}, url = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware.pdf}, language = {English}, urldate = {2021-08-06} } Anatomy of Native IIS Malware (slides)
IISniff RGDoor
2021-08-04ESET ResearchZuzana Hromcová
@techreport{hromcov:20210804:anatomy:e1c9d94, author = {Zuzana Hromcová}, title = {{Anatomy of Native IIS Malware (white papaer)}}, date = {2021-08-04}, institution = {ESET Research}, url = {https://i.blackhat.com/USA21/Wednesday-Handouts/us-21-Anatomy-Of-Native-Iis-Malware-wp.pdf}, language = {English}, urldate = {2021-08-06} } Anatomy of Native IIS Malware (white papaer)
IISniff RGDoor
2021-07-20ESET ResearchLukáš Štefanko
@online{tefanko:20210720:some:faa4124, author = {Lukáš Štefanko}, title = {{Some URL shortener services distribute Android malware, including banking or SMS trojans}}, date = {2021-07-20}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/07/20/url-shortener-services-android-malware-banking-sms-trojans/}, language = {English}, urldate = {2021-07-20} } Some URL shortener services distribute Android malware, including banking or SMS trojans
FakeAdBlocker
2021-07-15Twitter (@ESETresearch)ESET Research
@online{research:20210715:freebsd:eda7f95, author = {ESET Research}, title = {{Tweet on FreeBSD targeted with Golang backdoor}}, date = {2021-07-15}, organization = {Twitter (@ESETresearch)}, url = {https://twitter.com/ESETresearch/status/1415542456360263682}, language = {English}, urldate = {2021-07-20} } Tweet on FreeBSD targeted with Golang backdoor
2021-07-07ESET ResearchFernando Tavella, Matías Porolli
@online{tavella:20210707:bandidos:f734d08, author = {Fernando Tavella and Matías Porolli}, title = {{Bandidos at large: A spying campaign in Latin America}}, date = {2021-07-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/07/07/bandidos-at-large-spying-campaign-latin-america/}, language = {English}, urldate = {2021-07-09} } Bandidos at large: A spying campaign in Latin America
Bandook
2021-06-10ESET ResearchAdam Burgher
@online{burgher:20210610:backdoordiplomacy:4ebcb1d, author = {Adam Burgher}, title = {{BackdoorDiplomacy: Upgrading from Quarian to Turian}}, date = {2021-06-10}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/06/10/backdoordiplomacy-upgrading-quarian-turian/}, language = {English}, urldate = {2021-06-16} } BackdoorDiplomacy: Upgrading from Quarian to Turian
CHINACHOPPER DoublePulsar EternalRocks BackdoorDiplomacy
2021-06-09ESET ResearchThomas Dupuy, Matthieu Faou
@online{dupuy:20210609:gelsemium:34ccc46, author = {Thomas Dupuy and Matthieu Faou}, title = {{Gelsemium: When threat actors go gardening}}, date = {2021-06-09}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/06/09/gelsemium-when-threat-actors-go-gardening/}, language = {English}, urldate = {2021-06-16} } Gelsemium: When threat actors go gardening
Gelsemium