Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-07ESET ResearchLukáš Štefanko
@online{tefanko:20230307:love:51d570c, author = {Lukáš Štefanko}, title = {{Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials}}, date = {2023-03-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2023/03/07/love-scam-espionage-transparent-tribe-lures-indian-pakistani-officials/}, language = {English}, urldate = {2023-03-13} } Love scam or espionage? Transparent Tribe lures Indian and Pakistani officials
CapraRAT
2023-01-10ESET ResearchLukáš Štefanko
@online{tefanko:20230110:strongpity:be928e7, author = {Lukáš Štefanko}, title = {{StrongPity espionage campaign targeting Android users}}, date = {2023-01-10}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users/}, language = {English}, urldate = {2023-01-13} } StrongPity espionage campaign targeting Android users
2022-11-23ESET ResearchLukáš Štefanko
@online{tefanko:20221123:bahamut:7e7453f, author = {Lukáš Štefanko}, title = {{Bahamut cybermercenary group targets Android users with fake VPN apps}}, date = {2022-11-23}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/}, language = {English}, urldate = {2022-11-25} } Bahamut cybermercenary group targets Android users with fake VPN apps
Bahamut
2022-04-06ESET ResearchLukáš Štefanko
@online{tefanko:20220406:fake:47db49c, author = {Lukáš Štefanko}, title = {{Fake e‑shops on the prowl for banking credentials using Android malware}}, date = {2022-04-06}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/04/06/fake-eshops-prowl-banking-credentials-android-malware/}, language = {English}, urldate = {2022-04-08} } Fake e‑shops on the prowl for banking credentials using Android malware
Unidentified APK 008
2022-03-31Twitter (@LukasStefanko)Lukáš Štefanko
@online{tefanko:20220331:vajraspy:1a8d32b, author = {Lukáš Štefanko}, title = {{Tweet on VajraSpy}}, date = {2022-03-31}, organization = {Twitter (@LukasStefanko)}, url = {https://twitter.com/LukasStefanko/status/1509451238366236674}, language = {English}, urldate = {2022-03-31} } Tweet on VajraSpy
VajraSpy
2022-03-24ESET ResearchLukáš Štefanko
@online{tefanko:20220324:crypto:ff8a482, author = {Lukáš Štefanko}, title = {{Crypto malware in patched wallets targeting Android and iOS devices}}, date = {2022-03-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/03/24/crypto-malware-patched-wallets-targeting-android-ios-devices/}, language = {English}, urldate = {2022-03-25} } Crypto malware in patched wallets targeting Android and iOS devices
2021-09-07ESET ResearchLukáš Štefanko
@online{tefanko:20210907:bladehawk:a5ce5a7, author = {Lukáš Štefanko}, title = {{BladeHawk group: Android espionage against Kurdish ethnic group}}, date = {2021-09-07}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/09/07/bladehawk-android-espionage-kurdish/}, language = {English}, urldate = {2021-09-14} } BladeHawk group: Android espionage against Kurdish ethnic group
888 RAT BladeHawk
2021-07-20ESET ResearchLukáš Štefanko
@online{tefanko:20210720:some:faa4124, author = {Lukáš Štefanko}, title = {{Some URL shortener services distribute Android malware, including banking or SMS trojans}}, date = {2021-07-20}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2021/07/20/url-shortener-services-android-malware-banking-sms-trojans/}, language = {English}, urldate = {2021-07-20} } Some URL shortener services distribute Android malware, including banking or SMS trojans
FakeAdBlocker
2020-09-30ESET ResearchLukáš Štefanko
@online{tefanko:20200930:aptc23:033fea8, author = {Lukáš Štefanko}, title = {{APT‑C‑23 group evolves its Android spyware}}, date = {2020-09-30}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/09/30/aptc23-group-evolves-its-android-spyware/}, language = {English}, urldate = {2020-10-04} } APT‑C‑23 group evolves its Android spyware
SpyC23
2020-07-14ESET ResearchLukáš Štefanko
@online{tefanko:20200714:welcome:333a076, author = {Lukáš Štefanko}, title = {{Welcome Chat as a secure messaging app? Nothing could be further from the truth}}, date = {2020-07-14}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/07/14/welcome-chat-secure-messaging-app-nothing-further-truth/}, language = {English}, urldate = {2020-07-15} } Welcome Chat as a secure messaging app? Nothing could be further from the truth
BadPatch
2020-07-06MalwareHunterTeam, Lukáš Štefanko
@online{malwarehunterteam:20200706:tweets:b223019, author = {MalwareHunterTeam and Lukáš Štefanko}, title = {{Tweets on Basbanke}}, date = {2020-07-06}, url = {https://twitter.com/LukasStefanko/status/1280243673100402690}, language = {English}, urldate = {2020-08-18} } Tweets on Basbanke
Basbanke
2020-07-06Youtube (Lukas Stefanko)Lukáš Štefanko
@online{tefanko:20200706:dynamic:5acb3f4, author = {Lukáš Štefanko}, title = {{Dynamic analysis of patched EventBot allows us read its detailed debug logs while running | Trojan}}, date = {2020-07-06}, organization = {Youtube (Lukas Stefanko)}, url = {https://www.youtube.com/watch?v=qqwOrLR2rgU}, language = {English}, urldate = {2020-07-16} } Dynamic analysis of patched EventBot allows us read its detailed debug logs while running | Trojan
Eventbot
2020-06-24ESET ResearchLukáš Štefanko
@online{tefanko:20200624:new:ccea4e8, author = {Lukáš Štefanko}, title = {{New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor}}, date = {2020-06-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/06/24/new-ransomware-uses-covid19-tracing-guise-target-canada-eset-decryptor/}, language = {English}, urldate = {2020-06-24} } New ransomware posing as COVID‑19 tracing app targets Canada; ESET offers decryptor
CryCryptor
2020-06-03Twitter (@LukasStefanko)Lukáš Štefanko
@online{tefanko:20200603:atank:71ea06f, author = {Lukáš Štefanko}, title = {{Tweet on ATANK Android ransomware}}, date = {2020-06-03}, organization = {Twitter (@LukasStefanko)}, url = {https://twitter.com/LukasStefanko/status/1268070798293708800}, language = {English}, urldate = {2020-08-12} } Tweet on ATANK Android ransomware
ATANK
2020-05-22ESET ResearchLukáš Štefanko
@online{tefanko:20200522:insidious:183d8f2, author = {Lukáš Štefanko}, title = {{Insidious Android malware gives up all malicious features but one to gain stealth}}, date = {2020-05-22}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2020/05/22/insidious-android-malware-gives-up-all-malicious-features-but-one-gain-stealth/}, language = {English}, urldate = {2020-05-25} } Insidious Android malware gives up all malicious features but one to gain stealth
DEFENSOR ID
2020-04-23Youtube (Lukas Stefanko)Lukáš Štefanko
@online{tefanko:20200423:android:82225cd, author = {Lukáš Štefanko}, title = {{Android banking Trojan Anubis | Malware demo | infected device | covid19 | targets Italy}}, date = {2020-04-23}, organization = {Youtube (Lukas Stefanko)}, url = {https://www.youtube.com/watch?v=U0UsfO-0uJM}, language = {English}, urldate = {2020-04-26} } Android banking Trojan Anubis | Malware demo | infected device | covid19 | targets Italy
Anubis
2020-04-20Twitter (@LukasStefanko)Lukáš Štefanko
@online{tefanko:20200420:rogue:c622a95, author = {Lukáš Štefanko}, title = {{Tweet on Rogue / Dark Shades}}, date = {2020-04-20}, organization = {Twitter (@LukasStefanko)}, url = {https://twitter.com/LukasStefanko/status/1252163657036976129}, language = {English}, urldate = {2020-05-05} } Tweet on Rogue / Dark Shades
Dark Shades
2020-04-19Youtube (Lukas Stefanko)Lukáš Štefanko
@online{tefanko:20200419:android:7d10bbc, author = {Lukáš Štefanko}, title = {{Android banking Trojan Ginp | Malware demo | infected device | targets Coronavirus trackers}}, date = {2020-04-19}, organization = {Youtube (Lukas Stefanko)}, url = {https://www.youtube.com/watch?v=WeL_xSryj8E}, language = {English}, urldate = {2020-05-05} } Android banking Trojan Ginp | Malware demo | infected device | targets Coronavirus trackers
Ginp
2020-03-26Twitter (@LukasStefanko)Lukáš Štefanko
@online{tefanko:20200326:adobot:087fbc7, author = {Lukáš Štefanko}, title = {{Tweet on AdoBot}}, date = {2020-03-26}, organization = {Twitter (@LukasStefanko)}, url = {https://twitter.com/LukasStefanko/status/1243198756981559296}, language = {English}, urldate = {2020-04-07} } Tweet on AdoBot
AdoBot
2019-10-24ESET ResearchLukáš Štefanko
@online{tefanko:20191024:tracking:d7cf5b8, author = {Lukáš Štefanko}, title = {{Tracking down the developer of Android adware affecting millions of users}}, date = {2019-10-24}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2019/10/24/tracking-down-developer-android-adware/}, language = {English}, urldate = {2019-11-14} } Tracking down the developer of Android adware affecting millions of users
Ashas